| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
+p5-HTML-StripScripts-Parser
|
|
HTML::StripScript::Parser
===========
This class provides an easy interface to HTML::StripScripts, using
HTML::Parser to parse the HTML.
|
|
HTML::StripScript
===========
This module strips scripting constructs out of HTML, leaving as much
non-scripting markup in place as possible. This allows web applications
to display HTML originating from an untrusted source without introducing
XSS (cross site scripting) vulnerabilities.
|
|
- assume that Python 2.4 and 2.5 are compatible and allow checking for
fallout.
- remove PYTHON_VERSIONS_COMPATIBLE that are obsoleted by the 2.3+
default. Modify the others to deal with the removals.
|
|
|
|
pkgsrc:
- Fix acceptable python versions
- Supports DESTDIR
From ChangeLog: Added James Bowes' SSL patch to use M2Crypto when available.
|
|
Bump PKGREVISION.
|
|
* Don't output a date header from System.Web, let xsp do it
* Bug fixes: #376352, #371581, #379890, #379888, #377904 #363404
|
|
only necessary because PKG_DESTDIR_SUPPORT must be defined before
bsd.prefs.mk is included.
|
|
|
|
1.30 November 26, 2007
Added t_write_test_lib for temporary testing packages
[Fred Moyer <fred@redhotpenguin.com>]
Fix syntax error in generated PHP files t/conf/*.php.in
[Philippe M. Chiasson]
Add bwshare.so to the list of modules to not inherit b/c
it rate limits requests to less then that of a test suite.
PR: 25548
[imacat <imacat@mail.imacat.idv.tw>]
Add EXTRA_CFLAGS to c-module building if defined in the environment
[Geoffrey Young]
|
|
1.20 Wed Mar 12 23:56:11 CDT 2008
-----------------------------------
[FIXES]
stuff_inputs() used to do nothing. Now it works.
http://code.google.com/p/www-mechanize/issues/detail?id=9
Fixed punctuation in some error messages.
Fixed compatibility with WWW::Mechanize 1.36.
1.18 Thu Dec 6 10:12:14 CST 2007
------------------------------------
[ENHANCEMENTS]
Added default descriptions for most test assertions.
[FIXES]
HTML::Lint is now properly optional.
Added delays in all the tests that use HTTP::Server::Simple to give
it time to correctly fire up.
1.16 Mon Oct 29 15:34:21 CDT 2007
------------------------------------
[ENHANCEMENTS]
Added $mech->post_ok(). Thanks, Greg Sheard.
Added $mech->submit_form_ok(). Thanks, Mark Stosberg.
Added $mech->html_lint_ok()
[FIXES]
Fixed some bugs that were causing test failures.
1.14 Fri May 11 16:22:02 CDT 2007
------------------------------------
[FIXES]
Fixes test failures. Thanks to Mark Blackman for RT #26602:
The module tests currently spawn a server (based on
HTTP::Server::Simple::CGI) which is killed when a __DIE__
signal is received, normally only when the invoking
perl dies. However, as perlvar makes clear, the __DIE__
signal is received when eval blocks die as well. The
new version (1.22) of WWW::Mechanize now calles
HTTP::Message::decoded_content which calls Encode.pm
which has a eval block that require's Encode::ConfigLocal
which is usually not present, so the eval dies and the
HTTP server is killed as soon as the $mech object tries
to do a 'get'. It's simple to use a system variable,
$^S to find out if the __DIE__ signal is being called
for an eval so we ignore that case with the patch
attached.
The stuff_inputs() function now actually works.
[DOCUMENTATION]
* Made the synopsis show that T:W:M doesn't take the tests=>$x
like other Test::* modules. It'd be nice if it did, though.
|
|
0.31 Sun Mar 16 20:51:04 EDT 2008
* Test suite parallelization fixes. Thanks to Slaven Rezic
0.30 Tue Mar 11 12:14:24 EDT 2008
* Minor doc fix from Paul Miller.
* Fixing doc style from "$this" to "$self" like any self-respecting perl code
0.29 Fri Feb 15 11:43:29 EST 2008
* new example section from almut on perlmonks
0.28 Tue Jan 15 09:33:58 EST 2008
* New restartability support from Mark Stosberg
After reviewing the code in HTTP::Server::Simple,
Catalyst::Engine::HTTP and HTTP::Server::Brick, I found and
implemented an updated signal handling approach that I like and
understand, and actually works.
The current code restarted immediately if a SIGHUP came in, no
matter what was happening, including if a request was in process of
being fulfilled.
The new code works more like "apachectl graceful". It waits for the
current request cycle to finish, and then restarts the server.
This code has to be integrated in the core, but its just about
the same amount of signal handling code that was there... it just
works better. It's also written in such a way I think subclass/mixin
authors could rewrite just these parts if they wanted.
Also, it looks like a Net::Server based sub-class would already be
doing its own thing with SIGHUP handling, and should continue to
be unaffected.
|
|
1.86 2008-02-01 by Alexandr Ciornii
- Default number of semaphores for *BSD is 8 in Apache::Session::Lock::Semaphore
1.85_01 2008-01-24 by Alexandr Ciornii
- typos corrected (catched by Gerald Fox)
- more tests and diag in 99semaphore.t
- no warning "disconnect invalidates 2 active statement" in
Apache::Session::Lock::MySQL by Tony Cook (RT#32148)
1.85 2007-12-20 by Alexandr Ciornii, Perl 20th birthday version
- mention Catalyst::Plugin::Session, Session
1.84_01 2007-11-26 by Alexandr Ciornii (alexchorny AT gmail.com)
- Added Apache::Session::Lock::Semaphore::remove to remove semaphore
- 99flex.t will remove semaphore (RT#30440)
- 99flex.t should work on 5.6.1 again (no chdir now)
- 99flex.t will clean all temporary files (RT#30209)
- pod.t included in MANIFEST
- cleaner tests
1.84 2007-10-02 by Alexandr Ciornii (alexchorny AT gmail.com)
- Added constant.pm to the list of prerequisites
- Jeffrey W. Baker, Casey West, Alexandr Ciornii, Oliver Maul agreed to
change license of all files to Perl license
Alexandr Ciornii agrees to relicense to Artistic 2.0 in future if needed.
- 99flex.t will be skipped on *bsd and Solaris
1.83_01 2007-08-03 by Alexandr Ciornii
- better handling of Storable errors by Rick Delaney (RT#27476)
1.83=1.82_05 2007-05-25
1.82_05 2007-05-14 by Alexandr Ciornii
- skipping part of 99flex.t on NetBSD
1.82_04 2007-04-27 by Alexandr Ciornii
- More diagnostics in Apache::Session::Lock::Semaphore::acquire_write_lock,
acquire_read_lock
- Did not increment modules versions in previous versions of distribution
- Apache::Session::Lock::Semaphore can work with private semaphore
- 99flex.t will use private semaphore
- 99dbfile.t, 99dbfilestore.t - added undef (for RT#6216)
1.82_03 2007-03-12 by Alexandr Ciornii
- Apache::Session::Lock::File checks flock success (RT#6936)
- Apache::Session::Lock::File will not change to shared lock if write
lock is in effect and read lock is requested (RT#7072)
- 99dbfile.t, 99dbfilestore.t - added untie (for RT#6216)
- Apache::Session::Lock::Semaphore will check for $Config{d_semget} and
cygserver
1.82_02 2007-03-11 by Alexandr Ciornii
- 99semaphore.t, 99flex.t will be skipped if $Config{d_semget}==undef,
patch by Slaven Rezic
- Removed redundant code in 99filelock.t
- Removed unnecessary skip in 99nulllock.t
- Added file 'Contributing.txt'
- Apache::Session - mention CGI::Session
- Request in Makefile.PL
1.82_01 2007-03-10 by Alexandr Ciornii
- Applied part of patch of SREZIC (Slaven Rezic), RT#3670,
more diagnostics on failing file operations (Apache::Session::Lock::File,
Apache::Session::Store::DB_File, Apache::Session::Store::File)
- RT#1251, ModUniqueId.pm, ModUsertrack.pm - small error in Carp usage,
by Slaven Rezic
- 99flex.t will be skipped on perls earlier than 5.8 (RT#16539)
- Requires Storable (core from 5.7.3), as it is almost useless without it
|
|
2.0.4 April 16, 2008
Fix $r->location corruption under certain conditions
[Gozer]
Fix a crash when spawning Perl threads under Perl 5.10
[Gozer]
Fix erratic behaviour when filters were used with Perl 5.10
[Gozer]
Fix problems with redefinitions of perl_free as free and perl_malloc
as malloc on Win32, as described at
http://marc.info/?l=apache-modperl&m=119896407510526&w=2
[Tom Donovan]
Fix a crash when running a sub-request from within a filter where
mod_perl was not the content handler. [Gozer]
Refactor tests to use keepalives instead of same_interp [Gozer, Phred]
Apache2::Reload has been moved to an externally maintained
CPAN distribution [Fred Moyer <fred@redhotpenguin.com>]
PerlCleanupHandler are now registered with a subpool of $r->pool,
instead of $r->pool itself, ensuring they run _before_ any other
$r->pool cleanups [Torsten Foertsch]
Fix a bug that would prevent pnotes from being cleaned up properly
at the end of the request [Torsten Foertsch]
On Win32, embed the manifest file, if present, in mod_perl.so,
so as to work with VC 8 [Steve Hay, Randy Kobes]
Expose apr_thread_rwlock_t with the APR::ThreadRWLock module
[Torsten Foertsch]
Don't waste an extra interpreter anymore under threaded MPMs when using a
modperl handler [Torsten Foertsch]
Fix a bug that could cause a crash when using $r->push_handlers() multiple
times for a phase that has no configured handlers [Torsten Foertsch]
Catch up with some httpd API changes
2.2.4:
The full server version information is now included in the error log at
startup as well as server status reports, irrespective of the setting
of the ServerTokens directive. ap_get_server_version() is now
deprecated, and is replaced by ap_get_server_banner() and
ap_get_server_description(). [Jeff Trawick]
2.3.0:
ap_get_server_version() has been removed. Third-party modules must
now use ap_get_server_banner() or ap_get_server_description().
[Gozer]
fixed Apache2::compat Apache2::ServerUtil::server_root() resolution
issues [Joshua Hoblitt]
*) SECURITY: CVE-2007-1349 (cve.mitre.org)
fix unescaped variable interprolation in regular expression
[Randal L. Schwartz <merlyn@stonehenge.com>, Fred Moyer <fred@redhotpenguin.com>]
Make $r->the_request() writeable
[Fred Moyer <fred@redhotpenguin.com>]
fix ModPerl::RegistryCooker::read_script to handle all possible
errors, previously there was a case where Apache2::Const::OK was
returned on an error. [Eivind Eklund <eeklund@gmail.com>]
a minor compilation warning resolved in modperl_handler_new_from_sv
[Stas]
a minor compilation warning resolved in modperl_gtop_size_string
[Stas]
Prevent direct use of _deprecated_ Apache2::ReadConfig in
<Perl> sections with httpd Alias directives from
incorrectly generating
'The Alias directive in xxxxx at line y will probably never match'
messages.
[Philip M. Gollucci <pgollucci@p6m78g.com>]
Prevent Apache2::PerSections::symdump() from returning invalid
httpd.conf snippets like 'Alias undef'
[Philip M. Gollucci <pgollucci@p6m78g.com>]
Require B-Size 0.9 for Apache2::Status which fixes
Can't call method "script_name" on an undefined value
[Philip M. Gollucci <pgollucci@p6m78g.com>]
-march=pentium4 or anything with an = in it in CCFLAGS or @ARGV
that gets passed to xs/APR/APR/Makefile.PL broke the @ARGV
parsing. I.E. FreeBSD port builds when users had CPUTYPE
set in /etc/make.conf.
[Philip M. Gollucci <pgollucci@p6m7g8.com>]
Fixes to get bleed-ithread (5.9.5+) to comile again.
[Philip M. Gollucci <pgollucci@p6m7g8.com>]
|
|
take precedence.
|
|
|
|
It's been less than a day, so I hope it won't bite anyone.
|
|
2008-04-16 Gisle Aas <gisle@ActiveState.com>
Release 5.812
Gisle Aas (6):
Typo fix.
Simplified Net::HTTP::Methods constructor call.
Croak if Net::HTTP constructor called with no argument.
Avoid calling $self->peerport to figure out what the port is.
5.811 breaks SSL requests [RT#35090]
Make test suite compatible with perl-5.6.1.
Toru Yamaguchi (1):
Wrong treatment of qop value in Digest Authentication [RT#35055]
2008-04-14 Gisle Aas <gisle@ActiveState.com>
Release 5.811
Gisle Aas (6):
Avoid "used only once" warning for $Config::Config.
Make HTTP::Request::Common::PUT set Content-Length header [RT#34772]
Added the add_content_utf8 method to HTTP::Message.
Typo fix.
Retry syscalls when they fail with EINTR or EAGAIN [RT#34093,32356]
Allow HTTP::Content content that can be downgraded to bytes.
Gavin Peters (1):
HTML::Form does not recognise multiple select items with same name [RT#18993]
Mark Stosberg (1):
Document how HTTP::Status codes correspond to the classification functions [RT#20819]
Robert Stone (1):
Allow 100, 204, 304 responses to have content [RT#17907]
sasao (1):
HTTP::Request::Common::POST suppressed filename="0" in Content-Disposition [RT#18887]
2008-04-08 Gisle Aas <gisle@ActiveState.com>
Release 5.810
Gisle Aas (10):
Small documentation issues [RT#31346]
Explain $netloc argument to $ua->credentials [RT#31969]
Make lwp-request honour option -b while dumping links [RT#31347]
Ignore params for date convenience methods [RT#30579]
Get rid of all the old CVS $Keyword:...$ templates. Set $VERSION to 5.810.
Update Copyright year.
Drop some sample URLs that were failing.
Complement the HTTP::Status codes [RT#29619]
Don't allow HTTP::Message content to be set to Unicode strings.
Refactor test for Encode.pm
Ville Skytta (3):
Spelling fixes [RT#33272]
Trigger HTML::HeadParser for XHTML [RT#33271]
Escape status line in error_as_HTML, convert to lowercase [RT#33270]
Alexey Tourbin (2):
Typo fix [RT#33843]
Protocol/file.pm: postpone load of URI::Escape and HTML::Entities [RT#33842]
Daniel Hedlund (1):
HTML::Form Module and <button> element clicks
Adam Kennedy (1):
HTTP::Cookies handle malformed empty Set-Cookie badly [RT#29401]
Jacob J (1):
[HTTP::Request::Common] Does not handle filenames containing " [RT#30538]
Rolf Grossmann (1):
Allow malformed chars in $mess->decoded_content [RT#17368]
FWILES (1):
Croak if LWP::UserAgent is constructed with hash ref as argument [RT#28597]
Adam Sjogren (1):
Disabled, checked radiobutton being submitted [RT#33512]
DAVIDRW (1):
warn if TextInput's maxlength exceeded [RT#32239]
|
|
|
|
www/htmldoc
www/htmldoc-x11
The latter is now just www/htmldoc built with a specific set of options.
Changes include:
+ Add options.mk that supports a new option:
htmldoc-gui Build with GUI support
+ Remove Makefile.common and move all logic into htmldoc/Makefile and
htmldoc/options.mk.
+ Add full DESTDIR support.
+ Bump the PKGREVISION for htmldoc and htmldoc-x11 to 7. Both packages
now track and use the same PKGREVISION number.
|
|
it any longer.
Fixes build problem in evolution:
> ===> Creating toolchain wrappers for evolution-2.22.1
> ERROR: libgnomeprintui is not installed; can't buildlink files.
Bump BUILDLINK_ABI_DEPENDS.gtkhtml314 for dependency change.
|
|
changes:
-bugfixes
-translation updates
|
|
|
|
* Fixed a nasty bug introduced in 0.1.3 that caused a memory leak
and resulted in the index page (/) not being cached properly.
|
|
heel into a Rack application built on top of Thin.
|
|
* [bug] Rescue all types of errors when processing request
* [bug] Use Swiftiply backend when -y option is specified
* Allow passing port as a string in Server.new
* Define deferred?(env) in your Rack application to set if a request
is handled in a thread (return true) or not (return false).
|
|
|
|
Based on patch provided by Zafer Aydogan via private mail.
This update to 2.6.1 contains all patches from the Debian package:
- various bug fixes
- uploading under the temporary name `weex.tmp' with the RenameOK option
- support for FTP proxy server that requires challenge/response
- The i386 RPM was compiled on RedHat 9
- You should be able to "rpmbuild --rebuild" the SRPM on older RedHat releases
or other RPM based distros.
pkgsrc changes:
* project now on sourceforge
* no need patch to fix localedir (patch-ac)
* need msgfmt to build
* need gettext-lib
* add DESTDIR support
|
|
Version 3.35
1. Resync with bleadperl, primarily fixing a bug in parsing semicolons in uploaded filenames.
Version 3.34
1. Handle Unicode %uXXXX escapes properly -- patch from DANKOGAI@cpan.org
2. Fix url() method to not choke on path names that contain regex characters.
Version 3.33
1. Remove uninit variable warning when calling url(-relative=>1)
2. Fix uninit variable warnings for two lc calls
3. Fixed failure of tempfile upload due to sprintf() taint failure in perl 5.10
Version 3.32
1. Patch from Miguel Santinho to prevent sending premature headers under mod_perl 2.0
Version 3.31
1. Patch from Xavier Robin so that CGI::Carp issues a 500 Status code rather than a 200 status code.
2. Patch from Alexander Klink to select correct temporary directory in OSX Leopard so that upload works.
3. Possibly fixed "wrapped pack" error on 5.10 and higher.
Version 3.30
1. Patch from Mike Barry to handle POSTDATA in the same way as PUT.
2. Patch from Rafael Garcia-Suarez to correctly reencode unicode values as byte values.
|
|
pkgsrc changes: replace MAKE_FLAGS+= INCLUDES="-I${LOCALBASE}/include/httpd"
with MAKE_FLAGS+= INCLUDES="-I${BUILDLINK_PREFIX.apache}/include/httpd"
Version2.2 (Jul 31st 2007)
1. Support configuration "PassHeader"
Thank Hans Christian Saustrup for the suggestion.
2. Support apr_shm_remove() in httpd.2.0.X
Thank Hans Christian Saustrup for bug report.
3. Support configuration "TimeScore"
Thank Tim Jensen for the patch.
4. Support new configurations "MaxRequestInMem" and "MaxRequestLen"
If the length of http request longer than "MaxRequestInMem", it will store in tmp file.
It the length of http request longer than "MaxRequestLen", it will return internal server error.
Thank Gabriel Barazer(gabriel at oxeva.fr) for the bug report.
Thank Steffen(info at apachelounge.com) for the help on this issue.
5. Fix miner Sanity check bug
Thank Yuya Tanaka for bug report
UNIX&Win32 source: mod_fcgid.2.2.tar.gz
Version2.1 ( Feb 15th 2007 )
1. Add missing config.m4 and Makefile.in for static linking
Thank Mark Drago for notice
2. FCGIWrapper disallowed in .htaccess
Thank Balinares for patch
3. Bug fix. Authoritative flag reversed
Thank Chris Darroch for the patch
4. Support arguments in FCGIWrapper
Thank Andre Nathan for suggestion and great help on testing it.
5. Support new config "SharememPath", which specifies the location of share memory path.
6. Check running user is root or not, while suexec is enabled.
Thank Chris Holleman for the bug report.
7. Bug fix. Should not pass respond to auth checkers.
Thank Szabolcs Hock for bug report.
|
|
Security fixes in this version:
MFSA 2008-20 Crash in JavaScript garbage collector
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.14/releasenotes/
|
|
package, labeling 314 as newer than 38.
|
|
PKG_SYSCONFSUBDIR.
Bump PKGREVISION
|
|
|
|
Version 1.5.9 released
2008-02-17, 08:58 GMT
2008-01-25
- Added Ukrainian translation (Anton Lytvynenko)
2008-01-09
- Include Debian patch #403812, FTBFS on GNU/kFreeBSD
- Mark unread now toggles read status, Debian bug #394312
Version 1.5.8 released
2008-01-09, 08:15 GMT
1.5.8 has made it... somehow. Well actually this is just a small change
which adds two new translations and build fixes as well as moving the
manpages to share/ hierachy.
In other words, I have lost track of the changes. ;)
I'm currently going through the Debian bugtracker and integrate most of
what's pilled up there.
|
|
This switches to the gnome-2.22 release branch.
|
|
This switches to the gnome-2.22 release branch.
|
|
This switches to the gnome-2.22 release branch.
|
|
merb-sequel to 1. In that commit, the dependency was bumped at the
package level, but gems also track dependencies independently of
pkgsrc, so patch the Rakefile to:
+ Bump the dependency on sequel to 1.4.0.
+ Remove the dependency on sequel_model, which was merged into the
main sequel package as of version 1.4.0.
|
|
of the dependencies are too new and this uses symbols that are now
deprecated. Based on similar fix to gtkhtl314.
|
|
* When creating or editing a blog post or page, the preview is displayed above
the edit form rather than below it.
* Spaces in blog post URLs are replaced with - rather than _ (this change will
only affect new posts; existing post URLs will not be changed).
* Blog posts provide Atom feeds for recent comments.
* Tag pages provide Atom feeds for posts with that tag.
* Blog posts are marked up using the hAtom microformat.
* Thoth auto-generates an XML sitemap at http://yourblog.com/sitemap (set
site.enable_sitemap to false to disable).
* Comment URLs are built using the name of the post the comment is attached to
rather than the id.
* Fixed a bug that prevented Atom and RSS feeds from being cached when
server-side caching was enabled.
* Fixed entry titles in Atom feeds claiming to be type="html" when in fact
they weren't.
* Fixed a bug that sometimes caused flash messages to be cached with the
output of an action and re-displayed until the cached action expired.
|
|
problems apparently caused by newer versions of some dependencies.
Based on suggestion by Matthias Drochner.
|
|
Release 1.36
<gerard@tty.nl>: Escape Unicode strings as UTF-8.
Bjoern Hoehrmann <derhoermi@gmx.net>: fixed URL encoded data: URLs
GAAS: uri_escape_utf8() now exported by default as documented.
BDFOY: Test fails with Business::ISBN installed [RT#33220]
JDHEDDEN: lc(undef) reports warning in blead [RT#32742]
GEOFFR: add some tests for gopher URIs [RT#29211]
|
|
* Fix server crash when header too large.
* Add --require (-r) option to require a library before executing your
script.
* Rename --rackup short option to -R, warn and load as rackup when file
ends with .ru.
* List supported adapters in command usage.
* Add file adapter to built-in adapter, serve static files in current
directory.
* Allow disabling signal handling in Server with :signals => false
* Make Server.new arguments more flexible, can now specify any of host,
port, app or hash options.
* Add --backend option to specified which backend to use.
* Serve static file only on GET and HEAD requests in Rails adapter.
* Add threaded option to run server in threaded mode; calling the
application in a thread allowing for concurrency in the Rack adapter.
* Guess which adapter to use from directory (chdir option) or use
specified one in 'adapter' option.
|
|
databases/ruby-sequel as of version 1.4.0.
+ Update dependencies for www/thoth and www/merb-sequel to reflect
removal of ruby-sequel-model -- use ruby-sequel instead. Bump the
PKGREVISION for these two packages.
|
|
through PLIST_SUBST to the plist module.
|
|
enable 25)
|
|
This release fixes a freeze when migrating from v1.0.x and also solves
some problems with search folders.
|
|
|
