Changelog:
Fixed 35.0.1 - With the Enhanced Steam extension, Firefox could crash (1123732)
Fixed 35.0.1 - Fix a potential startup crash (1122367)
Fixed 35.0.1 - Kerberos authentication did not work with alias (1108971)
Fixed 35.0.1 - SVG / CSS animation had a regression causing rendering issues on websites like openstreemap.org (1083079)
Fixed 35.0.1 - On Godaddy webmail, Firefox could crash (1113121)
Fixed 35.0.1 - document.baseURI did not get updated to document.location after base tag was removed from DOM for site with a CSP (1121857)
Fixed 35.0.1 - With a Right-to-left (RTL) version of Firefox, the text selection could be broken (1104036)
Fixed 35.0.1 - CSP had a change in behavior with regard to case sensitivity resources loading (1122445)
changes:
-fixes possible crashes and memory leaks which qualify as DOS problems
(CVE-2015-1380, CVE-2015-1381, CVE-2015-1382)
-minor fixes, documentation improvements
Upstream changes:
5.73 2015-01-24
- Deprecated Mojolicious::Routes::Route::bridge in favor of
Mojolicious::Routes::Route::under.
- Deprecated Mojolicious::Controller::render_exception in favor of
reply->exception helper.
- Deprecated Mojolicious::Controller::render_not_found in favor of
reply->not_found helper.
- Removed deprecated object-oriented Mojo::JSON API.
- Removed deprecated stringification support from Mojo::Collection.
- Removed deprecated support for data arguments from Mojo::JSON::Pointer.
- Removed deprecated AUTOLOAD and pluck methods from Mojo::Collection.
- Removed deprecated AUTOLOAD and val methods from Mojo::DOM.
- Moved tutorial from Mojolicious::Lite to Mojolicious::Guides::Tutorial.
- Added term_escape method to Mojo::ByteStream.
- Added term_escape function to Mojo::Util.
- Improved get command to use the user agent of the application.
- Improved diagnostics information for MOJO_DAEMON_DEBUG,
MOJO_USERAGENT_DEBUG and MOJO_WEBSOCKET_DEBUG environment variables.
- Fixed tag helpers to generate correct HTML5. (batman, sri)
- Fixed JSON Pointer escaping bug.
- Fixed portability bug in monkey_patch tests.
Version 3.4.2 (2015-01-22)
--------------------------
### Fixed
Fix an infinite recursion problem in the `FilesModel` class (see #7588).
Version 3.4.1 (2015-01-22)
--------------------------
### Fixed
Fix the position of the input field hints (see #7561).
### Fixed
Do not apply the GDlib maximum dimensions to SVG images (see #7435).
### Fixed
Do not show the diff icon if a record has been deleted (see #7429).
### Fixed
Remove a left-over headline from the `ce_text.xhtml` template (see #7502).
### Fixed
Preserve comments when exporting CSS files (see #7482).
### Fixed
Fix the LESS import path in the Combiner (see #7533).
### Fixed
Hide the width and height attributes if there is a sizes attribute (see #7500).
### Fixed
Remove the hardcoded figcaption width (see #7549).
### Fixed
Only load the model in the file/page picker if the class exists (see #7490).
### Fixed
Romanize style sheet names (see #7526).
### Fixed
Add the username to the "account has been locked" log entry (see #7551).
### Fixed
Consider the suhosin.memory_limit when raising the PHP limits (see #7035).
### Fixed
Added two missing `exclude` flags in the `tl_page` data container (see #7522).
### Fixed
Send an UTF-8 charset header in the `die_nicely()` function (see #7519).
### Fixed
Correctly validate dates in the `Widget` class (see #7498).
### Fixed
Back port the fixes from #7475 and #7473.
### Fixed
Send the same cache headers for cached and uncached pages (see #7455).
### Fixed
Fix the `current() expects parameter 1 to be array` issue (see #6739).
### Fixed
Correctly replace the `*_teaser` insert tags (see #7488).
### Fixed
Adjust the last and previous login labels (see #7426).
### Fixed
Unset the `postUnsafeRaw` cache in `Input::setPost()` (see #7481).
Version 3.2.17 (2015-01-22)
---------------------------
### Fixed
Romanize style sheet names (see #7526).
### Fixed
Add the username to the "account has been locked" log entry (see #7551).
### Fixed
Consider the suhosin.memory_limit when raising the PHP limits (see #7035).
### Fixed
Added two missing `exclude` flags in the `tl_page` data container (see #7522).
### Fixed
Send an UTF-8 charset header in the `die_nicely()` function (see #7519).
### Fixed
Correctly validate dates in the `Widget` class (see #7498).
### Fixed
Back port the fixes from #7475 and #7473.
### Fixed
Send the same cache headers for cached and uncached pages (see #7455).
### Fixed
Fix the `current() expects parameter 1 to be array` issue (see #6739).
### Fixed
Correctly replace the `*_teaser` insert tags (see #7488).
### Fixed
Adjust the last and previous login labels (see #7426).
### Fixed
Unset the `postUnsafeRaw` cache in `Input::setPost()` (see #7481).
(with post 2.6.0 fix: bin/httpclient one-liner broken)
## Changes
### Changes in 2.6.0
This release includes internal CookieManager implementation change. It
involves compatibility layer but for the case your library depends on internal
implementation it also provides a way to restore the implementation. See below
for more details.
* Changes
* feat: use http-cookie if available for better Cookies spec compliance.
Instead of WebAgent 0.6.2 that is not maintained over 10 years. To omit
maintaining that library use http-cookie for better spec compliance and
healthy development.
This introduces following incompatibility from existing cookies
implementation.
* Expired cookies are not saved. With the old implementation expired
cookies are saved in file and not be sent to the server. With the new
implementation the expired cookies are not saved to the file and not
be sent to the server.
* Cookie#domain returns dot-less domain for domain cookies. Instead,
Cookie#dot_domain returns with dot.
http-cookie is used by default if available but you can restore original
CookieManager behavior by loading 'httpclient/webagent-cookie' feature
before 'httpclient' like this;
```ruby
require 'httpclient/webagent-cookie'
require 'httpclient'
```
The new implementation dumps warnings to help you migrate to http-cookie.
Please follow the suggestion to avoid future compatibility.
```ruby
e.g.
WebAgent::Cookie is deprecated and will be replaced with HTTP::Cookie in the near future. Please use Cookie#origin= instead of Cookie#url= for the replacement.
Cookie#domain returns dot-less domain name now. Use Cookie#dot_domain if you need "." at the beginning.
CookieManager#find is deprecated and will be removed in near future. Use HTTP::Cookie.cookie_value(CookieManager#cookies) instead
```
* feat: Message#previous to get responses in negotiation
HTTP::Message#previous keeps previous response in negotiation. For
redirection, authorization negotiation and retry from custom filter.
Closes#234.
* feat: Add JSONClient
JSONClient auto-converts Hash <-> JSON in request and response.
* For POST or PUT request, convert Hash body to JSON String with
'application/json; charset=utf-8' header.
* For response, convert JSON String to Hash when content-type is
'(application|text)/(x-)?json'
This commit include bin/jsonclient that works as same as bin/httpclient
not with HTTPClient but with JSONClient.
* feat: Add download command
```
% httpclient download http://host/path > file
```
* Bug fixes
* fix: duplicated query params by follow_redirect
When the original request has query and the server returns redirection
response with Location, HTTPClient wrongly adds query to the new URI. In
such case the Location header could include query part;
```
e.g.
http://originalhost/api/call?limit=10
-> Location: http://otherhost/api/call?limit=10
```
HTTPClient should just hit the new location '/api/call?limit=10' not
'/api/call?limit=10&limit=10'. Closes#236.
* fix: NTLM & Basic dual auth
When a server returns two or more WWW-Authenticate headers and the first
one is NTLM, say WWW-Authenticate: NTLM and WWW-Authenticate: Basic in
this order, HTTPClient sent Basic Authorization header after finishing
NTLM auth negotiation.
NTLM auth is a connection authentication scheme so HTTPClient deleted
the internal auth negotiation state so that NTLM authenticator does not
do anything after the negotiation has completed. In such case, for the
subsequent requests, NTLM authenticator does nothing but Basic
authenticator sends Basic Authorization header to the server that is
already negotiated via NTLM authenticator. This can cause authentication
failure.
This commit changes the internal state handling not to delete the state
but introduce :done state. NTLM authenticator returns :skip for the
request to the server that auth negotiation has completed. WWWAuth skips
other authenticator to avoid above issue. Closes#157.
* fix: transplant IO positions to new request in negotiation
In authorization negotiation HTTP::Message for request is generated for
each request, of course, but HTTPClient did not care the IO position
recorded in the previous requests in the subsequent requests. Closes#130.
* fix: avoid inconsistent Content-Length and actual body
If lengths of all posted arguments are known HTTPClient sends
'Content-Length' as a sum length of all arguments. But the length of
actual body was wrong because it read as much as possible regardless of
what IO#size returned. So if the file is getting bigger while HTTPClient
is processing a request the request has inconsistent Content-Length and
body.
This bug is found, and the fix is proposed both by @Teshootub7. Thank
you very much for patient trouble shooting! Fixes#117.
* fix: KeepAliveDisconnected race condition
As details explained in #84, current HTTPClient's KeepAliveDisconnected
handling has a race condition bug that allows a client to have
invalidated connection two or more times. This could be a cause of #185.
To avoid this, make HTTPClient acquire new connection for retry of
KeepAliveDisconnected. Closes#84. Closes#185.
### Changes in 2.5.3
This release includes behavior changes of POST and PUT requests that has
nil as a body. See changes below. Emtpty String as a body is not affected.
* Changes
* Update cacert. "Certificate data from Mozilla as of: Tue Oct 28 22:03:58 2014"
-> Reverted in 2.5.3.3 because it caused unexpected SSLError. See
https://github.com/nahi/httpclient/issues/230
* Allow no content POST and PUT.
Previously POST or PUT with :body => nil meant that 'POST or PUT with 0
length entity body'. But sometimes you need to POST or PUT actually no
content which should not have Content-Type nor Content-Length.
It could be incompatible change for user who POST/PUT-ed with empty body
but it should be rare, actually WEBrick cannot handle such 'no content'
POST and PUT. #128.
* Add default_header property.
:default_header is for providing default headers Hash that all HTTP
requests should have, such as custom 'Authorization' header in API. You
can override :default_header with :header Hash parameter in HTTP request
methods.
* raise if redirect res does not have Location header. #155.
* Bug fixes
* Avoid NPE by a cookie without domain=.
The root cause is still uncertain though. Closes#123
* Suppress verify_callback warning.
Because OpenSSL can try multiple certificate chains and some of it can
fail, and one of them succeeds. For that case warning is irrelevant.
Let it warn only in $DEBUG mode. #221.
### Changes in 2.5.2
Oct 29, 2014 - version 2.5.2
* Changes
* Add :force_basic_auth config - #166, #179, #181.
Generally HTTP client must send Authorization header after it gets 401
error from server from security reason. But in some situation (e.g.
API client) you might want to send Authorization from the beginning.
You can turn on/off force_basic_auth flag for sending Authorization
header from the beginning. (Of cource, if a request URI matches with
the URI you set in set_auth method)
Syntax:
```ruby
HTTPClient.new(:force_basic_auth => true)
# or
c = HTTPClient.new
c.force_basic_auth = true
```
* Add :base_url to HTTPClient configuration.
Passing path to get, post, etc. is recognized as a request to
:base_url + uri. If you pass full URL :base_url is ignored.
```ruby
api = HTTPClient.new(:base_url => 'https://api.example.com/v1')
api.get("/users.json") # => Get https://api.example.com/v1/users.json
api.get("https://localhost/path") # => https://localhost/path
```
### Changes in 2.5.1
Oct 19, 2014 - version 2.5.1
* Changes
* Allow to specify :query in POST, PUT, DELETE and OPTIONS requests.
Closes#83.
* Allow to specify :body in OPTIONS request. Closes#136.
### Changes in 2.5.0
Oct 17, 2014 - version 2.5.0
**IMPORTANT CHANGES**
This version changes (again) default SSL options to help
BEAST/CRIME/POODLE Attack prevension.
* Disabled SSLv3 in favor of POODLE Attack prevention.
* Enabled 1/n-1 fragment in favor of BEAST Attack prevention.
* No TLS compression in favor of CRIME Attack prevention.
You can restore the previous SSL configuration like this;
```ruby
client = HTTPClient.new
client.ssl_config.ssl_version = :SSLv23
client.ssl_config.options = OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_SSLv2
```
* Changes
* Change default SSL options. See above.
* Keep cause error of KeepAliveDisconnected. It allows caller to
investigate the cause of KeepAliveDisconnected.
### Changes in 2.4.0
Jun 8, 2014 - version 2.4.0
**IMPORTANT CHANGES**
This version changes default SSL version to :auto (same as nil) to use SSL/TLS
version negotiation. Former versions use SSLv3 as default that does not connect
via TLS. This change makes underlying OpenSSL library decide which SSL/TLS
version to use but SSLv2 is disabled.
This change makes your secure connection safer but if you see SSL connection
failure with this version try specifying SSL version to use SSLv3 like;
```
client = HTTPClient.new
client.ssl_config.ssl_version = :SSLv3
```
* Bug fixes
* Avoid unnecessary connection retries for OAuth error.
[#203](https://github.com/nahi/httpclient/issues/203)
* Make authentication drivers Thread-safe. Note that HTTPClient instance is
Thread-safe for authentication state update but it shares authentication
state across threads by design. If you don't want to share authentication
state, such as for using different authentication username/password pair
per thread, create HTTPClient instance for each Thread.
[#200](https://github.com/nahi/httpclient/issues/200)
* Avoid chunked String recycle in callback block.
[#193](https://github.com/nahi/httpclient/issues/193)
* Do not send empty 'oauth_token' in signed request for compatibility.
[#188](https://github.com/nahi/httpclient/issues/188)
* Ignore negative Content-Length header from server.
[#175](https://github.com/nahi/httpclient/issues/175)
* Fix incorrect use of absolute URL for HTTPS proxy requests.
[#168](https://github.com/nahi/httpclient/issues/168)
* Handle UTF characters in chunked bodies.
[#167](https://github.com/nahi/httpclient/issues/167)
* A new cookie never be accepted if an HTTPClient has the same expired cookie.
[#154](https://github.com/nahi/httpclient/issues/154)
* Allow spaces in NO_PROXY environment like; "hosta, hostb"
[#141](https://github.com/nahi/httpclient/issues/141)
* Avoid HttpClient::Message::Body#dump causes Encoding::CompatibilityError.
[#140](https://github.com/nahi/httpclient/issues/140)
* Changes
* Change default SSL version to :auto to use version negotiation.
[#186](https://github.com/nahi/httpclient/issues/186),
[#204](https://github.com/nahi/httpclient/issues/204)
* Allow to pass client private key passphrase in SSLConfig.
[#201](https://github.com/nahi/httpclient/issues/201)
* Convert README to markdown syntax
[#198](https://github.com/nahi/httpclient/issues/198)
* Update default CA certificates: change the source from JDK's to Firefox's.
The file is downloaded from
https://raw.githubusercontent.com/bagder/ca-bundle/master/ca-bundle.crt
(Certificate data from Mozilla as of: Tue Apr 22 08:29:31 2014)
[#195](https://github.com/nahi/httpclient/issues/195)
* Callback block can be defined as to get 2 arguments to retrieve the
response object.
[#194](https://github.com/nahi/httpclient/issues/194)
* Remove [] from given address for IPv6 compat.
[#176](https://github.com/nahi/httpclient/issues/176)
* Update API endpoints to those of Twitter REST API v1.1.
[#150](https://github.com/nahi/httpclient/issues/150)
=================
WebKitGTK+ 2.4.8
=================
- Fix SSL connection issues with some websites after the POODLE vulnerability fix.
- Fix a crash when loading flash plugins.
- Fix build on GNU Hurd
- Fix build on OS X.
- Fix documentation of webkit_print_operation_get_page_setup().
- Security fixes: CVE-2014-1344, CVE-2014-1384, CVE-2014-1385, CVE-2014-1386,
CVE-2014-1387, CVE-2014-1388, CVE-2014-1389, CVE-2014-1390.
Trac 1.0.3 is a maintenance release containing numerous fixes and minor
enhancements. The following are a few of the highlights:
- Notification is sent when adding an attachment to a ticket (#2259).
- Stylesheets and scripts are loaded during autopreview, resulting in proper
syntax highlighting when code WikiProcessors are added (#10470) and display
of Workflow graphs without explicit autopreview (#10674).
- Merge changesets are shown as differences against first parent, resulting
in less noisy changesets (#10740).
- Pygments 2.0 is supported (#11796).
- Fixed error when completing the `initenv` TracAdmin command (#11797).
- Performance improvement on systems with many thousands of authenticated
users due to caching of Environment.get_known_users (#11868).
- Distribution metadata of wheel package is supported and displayed on the
About page (#11877).
Changelog:
New Firefox Hello with new rooms-based conversations model
New New search UI improved and enabled for more locales
New Access the Firefox Marketplace from the Tools menu and optional toolbar button
New Built-in support for H264 (MP4) on Mac OS X Snow Leopard (10.6) and newer through native APIs
New Use tiled rendering on OS X
New Improved high quality image resizing performance
New Improved handling of dynamic styling changes to increase responsiveness
HTML5 Added support for the CSS Font Loading API
HTML5 Resource Timing API implemented
HTML5 CSS filters enabled by default
HTML5 Changed JavaScript 'let' semantics to conform better to the ES6 specification
Developer Support for inspecting ::before and ::after pseudo elements
Developer Computed view: Nodes matching the hovered selector are now highlighted
Developer Network Monitor: New request/response headers view (more info)
Developer Added support for the EXT_blend_minmax WebGL extension
Fixed Show DOM Properties context menu item in inspector
Fixed Reduced resource usage for scaled images
Fixed PDF.js updated to version 1.0.907
Fixed Non-HTTP(S) XHR now returns correct status code
Fixed Various security fixes
Security fixes:
2015-09 XrayWrapper bypass through DOM objects
2015-08 Delegated OCSP responder certificates failure with id-pkix-ocsp-nocheck extension
2015-07 Gecko Media Plugin sandbox escape
2015-06 Read-after-free in WebRTC
2015-05 Read of uninitialized memory in Web Audio
2015-04 Cookie injection through Proxy Authenticate responses
2015-03 sendBeacon requests lack an Origin header
2015-02 Uninitialized memory use during bitmap rendering
2015-01 Miscellaneous memory safety hazards (rv:35.0 / rv:31.4)
Mon Dec 22 16:33:18 CET 2014
Releasing 0.9.39. -CG
Mon Dec 22 13:02:36 CET 2014
Fix generated compiler flags for Solaris Studio linker (#3584). -CG
Sat Dec 20 00:35:40 CET 2014
Adding MHD_http_unescape() to public API (#3585). -CG
Updating documentation to document
MHD_is_feature_supported(). -CG
Thu Dec 4 00:43:10 CET 2014
If "Connection: upgrade" is requested, do not add
"Connection: Keep-Alive" in the response. -GJ
Tue Nov 18 13:52:29 CET 2014
Call MHD_cleanup_connections() during MHD_DAEMON_INFO_CURRENT_CONNECTIONS
processing for more accurate results. -MS
Wed Oct 29 20:45:21 CET 2014
Adding MHD_OPTION_LISTENING_ADDRESS_REUSE option allowing clients
to force allowing re-use of the address:port combination
(SO_REUSEPORT). -MS
Wed Oct 29 16:27:05 CET 2014
Adding MHD_DAEMON_INFO_CURRENT_CONNECTIONS to allow clients
to query the number of active connections. -MS
Fri Oct 3 14:28:58 CEST 2014
Releasing 0.9.38. -CG
Mon Sep 29 22:25:34 CEST 2014
Properly decode '+' in URL-encoded POST data. -CG/KM
Fri Sep 12 17:32:09 CEST 2014
Fix --disable-dauth configure option (#3543). -doostee
Thu Jun 26 21:06:04 CEST 2014
Fix failure to terminate 'instantly' in thread-per-connection
mode if there is a client with open connections.
Thanks to Kenneth Mastro for reporting. -CG
Sun Jun 22 12:22:08 CEST 2014
Actually, avoid locking on response as responses must
not be modified in a connection-specific way; instead
modify the connection's data buffer to add missing
responses headers. If we are forced to add
"Connection: close", suppress output of conflicting
application-provided "Connection: Keep-Alive" header. -CG
Sun Jun 22 00:22:08 CEST 2014
Lock on response if adding headers, needed if response
object is shared across threads and connections. -CG
Thu Jun 19 17:32:32 CEST 2014
Ensure that listen FD is bound to epoll FD even before
MHD_run() is called if running with MHD_USE_EPOLL_LINUX_ONLY
in combination with 'external select' mode. Thanks to
Marcos Pindado Sebastian for reporting. -CG
Sun Jun 8 15:10:44 CEST 2014
Add 'MHD_set_response_options' as a way to set per-response
flags. Add flag to force HTTP 1.0-only conservative
behavior, in particular suppressing adding "Connection"
headers. -CG
Mon Jun 2 00:03:28 CEST 2014
Added back unescaping for URI path (#3413) but without
unescaping '+' (#3371) to remain compatible with
MHD 0.9.34 and before. Note that applications providing
a custom MHD_OPTION_UNESCAPE_CALLBACK are no longer expected
to replace '+' with ' ', as that is now done separately for
the locations where this transformation is appropriate.
Releasing 0.9.37. -CG
Wed May 28 15:30:56 CEST 2014
Properly applying patch that was supposed to be
committed on "May 2 20:22:45 CEST 2014" to address
infinite loop (DoS) when HTTP connection is reset (#3392). -GM
Sun May 25 20:18:27 CEST 2014
Fixed W32 build issues. -EG
Releasing 0.9.36. -CG
Sat May 17 06:47:00 CEST 2014
Fix notifying client about completed request twice
under certain circumstances. -CG
Tue May 13 18:24:37 CEST 2014
Fix accidental transmission of footer termination '\r\n'
for responses with zero byte payload and non-chunked
encoding (#3397). Thanks to amatus for reporting. -CG
Sun May 4 11:05:26 CEST 2014
Fix gnutls header check to make it cross-compile aware. -BK
May 2 20:22:45 CEST 2014
Fix infinite loop (DoS) when HTTP connection is reset (#3392). -GM
Fix possible issue from combination of epoll and suspend/resume
logic if edge trigger event is lost; also simplify logic to
maintain simpler invariants on the epoll state. -CG
Use OpenSSL cipher list "HIGH" in libmicrospdy (#3391). -CG
Releasing 0.9.35. -CG
Thu Apr 10 09:39:38 CEST 2014
Removed unescaping for URI path (#3371) as '+' should not
be converted to space in accordance with
http://www.w3.org/TR/html401/appendix/notes.html#ampersands-in-uris
and http://www.w3.org/TR/html401/interact/forms.html#h-17.13.4.1
Note that we now also no longer convert '#38;' to '&'; if needed,
the application needs to apply unescaping to the path of the URI
itself (before, MHD unescaped '#38;' but not '&', so this
inconsistency was now resolved by simply not unescaping anything
before the first '&'). -CG
Tue Apr 08 15:35:44 CET 2014
Added support for W32 native threads.
Added --with-threads=LIB configure parameter. -EG
Mon Apr 7 13:25:30 CEST 2014
Add MHD_OPTION_HTTPS_MEM_DHPARAMS to allow applications
to enable PFS. -HB/CG
Tue Apr 01 07:10:23 CET 2014
Added usage of native mutex on W32. -EG
Sat Mar 29 16:12:03 CET 2014
Added MHD_is_feature_supported() function. -EG
Thu Mar 27 14:47:54 CET 2014
Used larger FD_SETSIZE internally on W32.
Extended API to work with non-default FD_SETSIZE. -EG
Tue Mar 25 12:53:55 CET 2014
Fix limiting by IPv6 address. -EG
Tue Mar 25 09:06:13 CET 2014
Added more FD_SETSIZE checks.
Implemented FD_SETSIZE checks for W32. -EG
Wed Mar 05 13:15:05 CET 2014
Cleanup and refactoring of configure.ac.
m4 macros updated.
Custom configure macros replaced with autoconf archive macros.
SPDY disabled by default on W32.
Changed configure flag from '--disable-pipe' to
'--enable-socketpair'.
Added configure flags '--disable-doc' and '--disable-examples'.
Narrowed down extrenal lib specific compiler and linker flags
usage. -EG
Wed Feb 26 17:42:34 CET 2014
Refactoring of configure.ac: custom macros replaced with macros
from Autoconf Archive.
Minor corrections of configure.ac.
Excluded pthread flags from global flags, pthread now used only
where required.
W32: fixed .dll resource compilation with '-isystem' CPPFLAG.
W32: improved header compatibility with MSVC.
W32: now tested on Win64, compiled by MinGW-w64. -EG
Mon Feb 24 23:13:53 CET 2014
Added support for TCP FASTOPEN. -SHT
Releasing 0.9.34. -CG
Thu Feb 20 14:17:05 CET 2014
W32: Added creation of libmicrohttpd.lib, libmicrohttpd.def,
libmicrohttpd.exp and libmicrohttpd-static.lib for easy use
compiled MHD with MSVC.
W32: Use MS lib.exe tool if available for creating MSVC staff.
W32: Added .dll information resource. -EG
Tue Feb 18 19:46:45 CET 2014
Removed dependency on plibc for simpler compilation for W32.
Added configure option "--disable-pipes" to use socketpairs
instead of pipes for signalling to child threads. Pipes are
always disabled on W32.
Some code refactoring. -EG
Sat Feb 8 15:08:35 CET 2014
Corrected some uses of 'int' vs. 'size_t'. -EG/CG
Wed Jan 22 09:44:33 CET 2014
MHD_USE_DUAL_STACK in libmicrohttpd currently just *inhibits
setting* the IPV6_V6ONLY socket option, but per Microsoft's
documentation the default on Windows is that this is enabled, thus
MHD_USE_DUAL_STACK will not work (since it leaves the
default). libmicrohttpd should probably just unconditionally set
IPV6_V6ONLY to the desired value when the option is available. -LJ
Wed Jan 1 21:38:18 CET 2014
Allow Keep-Alive with HTTP 1.0 (if explicitly requested),
and automatically set "Connection: Keep-Alive" in response
in this case as well. -CG
Tue Dec 24 12:27:39 CET 2013
Adding explicit annotations to hide symbols that are not for
export in the C code (gcc 4.0 or higher only). -CG
Sun Dec 22 14:54:30 CET 2013
Adding a few lines to avoid warnings from picky compilers. -CG
Sat Dec 21 17:26:08 CET 2013
Fixed an issue with a missing argument in the postexample.
Fixed issue with bogus offset increment involving sendfile
on GNU/Linux. Adding support for SNI.
Releasing 0.9.33. -CG
Mon Dec 9 21:41:57 CET 2013
Fix for per-worker daemon pipes enabled with
MHD_USE_SUSPEND_RESUME that were not closed in
MHD_stop_daemon. -MH
Sat Dec 7 00:44:49 CET 2013
Fixing warnings and build issue if --disable-https is given
to configure. -CG
0.35 Wed Jan 07 12:00:00 CT 2014
- Specify a version of JSON::MaybXS in the Makefile to close a test
failure (test case requires version '1.003000' so we made that the
required version).
5.72 2015-01-11
- Added EXPERIMENTAL support for case-insensitive attribute selectors like
[foo="bar" i] to Mojo::DOM::CSS.
- Added max_lines attribute to Mojo::Headers.
- Improved Mojo::Reactor::EV to update the current time before starting a
timer.
- Improved error messages for start-line and header limits.
- Fixed bug in Mojo::Headers where max_line_size was not checked correctly.
- Fixed whitespace bug in Mojo::DOM::CSS.
- Add ${PERL5_LICENSE}
- Add post-patch: target to remove garbage
(upstream)
Update 2.28 to 2.29
2.29 2005-12-10
- Fixed the setCookie() domain checking to be domain agnostic.
- Fixed the print(css => []) issue where entries were not being displayed
one to a line, unless you had postfixed them with \n.
- If you don't specify a -Options hashref for a select box, it now creates
an empty one for you instead of blowing an error since this is a usefull
and valid case.
- Added #VALUE=x# for Feature Request 1398696.
- Worked on fixing Bug#1453214 by making the formSubmittedVariable only be
required when we have form items that depend on it to know what state they
are in. checkbox, select, multi-select, select-picker all depend on it.
- Worked on fixing Bug#1284264 by making the required string only be displayed
when there are user visible required items. Improved the createTemplate()
output to take this into account and to only display the table elements when
there are user visible form items defined.
- Fixing bug #1454087.
1.003 2014-01-17
- Fixed a bug where the module died when a network error occured
1.002 2014-01-11
- Fixed the module and the tests to handle properly the case
when we reach the daily 10-pastes limit.
1.001 2014-01-07
- Resurrected the module for use with App::Nopaste
1.73 2013-08-24
========================================
[TESTS]
- Update t/local/back.t to use LocalServer for 404 checking to avoid fails
on win32. Fix by Matt S Trout, patient diagnostics and testing provided
by jayefuu of freenode #perl
- Blow away more proxy env vars in LocalServer, and do it on load so that
the LWP env checking doesn't happen before we've done it.
[OTHER CHANGES]
- Better error when passing only one parameter to follow_link
2014-11-28 Kingpin <Martin@EV-9D9>
* lib/WWW/Amazon/Wishlist.pm (get_list): fixed now that HTML page
layouts are same
2013-12-14 Kingpin <Martin@EV-9D9>
* lib/WWW/Amazon/Wishlist.pm (_extract): fixed for new HTML page layouts
Upstream changes:
Release date: 12 January, 2015
Here is the full list of fixed issues in 2.8.2.
CONTENTS [hide]
1 Highlights
2 Functional changes
3 API changes
4 UI changes
5 Security issues
6 Fixes and improvements
7 See also
Highlights
MDL-40241 - Default Manager and Teacher role are able to manually mark course as completed
MDL-46442 - Notifications about assignment re-submissions are sent
MDL-43462 - EditPDF correctly shows landscape PDFs
MDL-43679 - Clicking link to Moodle in MS Word no longer results "You are already logged in" message
Functional changes
MDL-42717 - Ensure automated backup files are deleted when an error occurs because of directory permissions
MDL-47601 - Ensure old automated backups are deleted including the case when file name is renamed from language string
MDL-48023 - Changed "Cache-control: private" to "public" on public static files to increase performance
MDL-48224 - In the Task API, each adhoc and scheduled task now has it's own SMTP buffer, and the legacy cron has one buffer for all tasks. Previously scheduled tasks had no buffer, and the legacy cron had a buffer only for tasks of activity modules.
MDL-33606 - Make distinction between all section course view and a single section course view log entry
API changes
MDL-44657 - No more Javascript error when the form class is namespaced
MDL-22309 - get_role_users() works correctly when a user is assigned more than one role
MDL-48697 - Completion directory is recognized by Moodle as a valid component directory
MDL-48495 - Limit protocols supported by curl by default
UI changes
MDL-35078 - End date for self enrolment on the bulk enrolment form now also contains time
MDL-42501 - Added help about deleting grades in the course reset form
MDL-48206 - Wider textarea for the comments in the comments block
Security issues
A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.
Fixes and improvements
MDL-40097 - Course completion role criteria no longer causes fatal error
MDL-35494 - User is able to restore an activity even when they own only one course
MDL-20304 - Practice lesson does not appear in Gradebook [Patch]
MDL-45324 - Grading notifications are not sent before the grades are released to students
MDL-47133 - Keyboard shortcuts in Atto do not interfere with regional keyboard settings
MDL-37704 - Possible to lock Description field in users' profiles
MDL-36240 - Calendar events from activities are restored even without user data
MDL-14908 - Parent Role can view courses for students that are in groups
MDL-46472 - Fixed upgrade loop caused by undeletable themes
MDL-31822 - Non-default section name is shown at the site level
MDL-47475 - PDF annotation is visible by all students in the team and not only by the one who made a submission
MDL-47993, MDL-48088 - Correctly parse dates with timezones when importing from Microsoft calendar
MDL-48150 - Fixed a bug whereby only the first post in a forum was sent with the correct headers on each run of cron
MDL-48288, MDL-48191 - Grader report's floating headers work correctly when email or average row is hidden
MDL-48179 - Backup progress no longer times out when compressing large backup
MDL-48164 - 'Reply to email' does not result in out-of-office replies posted in forum
0.60 Fri Dec 26 22:00 GMT 2014
- Make two test cases compatible with Catalyst 5.90080+ changes
to encoding (UTF8 because default).
- Added a new test case that runs only under 5.90080 and makes
sure that expected UTF8 stuff works.
0.59 Mon Jan 13 11:23 GMT 2014
- Use Class::Load instead of Class::MOP::load_class(). RT#90978
- Fix typos in POD and comments. RT#85171
0.58 Sat Jun 30 17:01 BST 2012
- Fix external server test.
- Fix infinite redirects. RT#76614
- Make fail to start server more verbose. RT#77174
- Fix test skip count. RT#77181
0.57 Wed Apr 4 10:03 BRT 2012
- Fixed RT 52270
