Changes:
* Fixed a nasty security hole in htsearch, which would allow users to
view any file on your site that had read permission.
* Fixed a bug that could cause problems with 8-bit characters on some
systems.
* Made some attempts to get htsearch's output to be more HTML 4.0
compliant. It quotes all HTML tag parameters, and uses ";" instead of
"&" as parameter separator in URLs for next pages. Reserved characters
in parameters are now encoded.
* Fixed handling of SGML entities: htdig will still decode them to store
as single characters in the database, but htsearch now encodes some of
them back for compliant results.
* Added two new formats for variables in htsearch templates, $%(var),
which escapes the variable for a URL, and $&(var), which HTML-escapes
the variable as necessary.
* Fixed htdig's handling of robots.txt, such that only the first
applicable User-agent field bearing its name will be used, rather than
only the last.
* Fixed htdig's handling of servers that return 2-digit years.
* Fixed handling of embedded quotes in quoted string lists.
* Fixed handling of relative URLs with trailing ".." or leading "//".
* Fixed handling of the valid_extensions attribute, which sometimes
failed in the previous version.
* Enhanced the handling of local filesystem indexing with the local_urls,
local_user_urls or local_default_doc attributes, which now allow
multiple directory or file names to be tried.
* Added the build_select_lists attribute to allow the config file to
specify <select> form elements in htsearch output as a template
variable, much like $(SORT) and $(METHOD).
* Added support for two additional configuration attributes:
max_keywords, and nph.
* A variety of other bug fixes, and many documentation updates. See the
ChangeLog for details.
ad461c677b