| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
= 1.4.5 / 2014-04-08
* Improve tests and documentation. (Seiichi Yonezawa, Mike Gehard, Andrew
Deitrick, Matthew Nicholas Bradley, GoGo tanaka, Carlos Lazo, Shim Tw,
kyoendo, Roman Kuznietsov, Stanislav Chistenko, Ryunosuke SATO, Ben Lewis,
wuleicanada, Patricio Mac Adden, Thais Camilo)
* Fix Ruby warnings. (Vipul A M, Piotr Szotkowski)
* Fix template cache memory leak. (Scott Holden)
* Work around UTF-8 bug in JRuby. (namusyaka)
* Don't set charset for JSON mime-type (Sebastian Borrazas)
* Fix bug in request.accept? that might trigger a NoMethodError. (sbonami)
|
|
|
|
A number of support methods and extensions for Padrino framework.
|
|
Bump PKGREVISION.
|
|
Upstream changes:
Moodle-2.8.3
Highlights
MDL-47935 - Atto Autosave message no longer covers text you are editing
MDL-44560 - Pagination in glossary category works correctly when entries have multiple categories
MDL-47792 - Course and Activity Completion Reports display vertical text without truncating
Functional changes
MDL-43386 - Lesson grade essay responses preserve HTML formatting
MDL-14730 - Allow linking to pages inside a lesson
MDL-47761 - Explanation is given to the users why they are unable to enrol in the course
MDL-47871 - Event monitor: Teacher can duplicate System rule
UI changes
MDL-44907 - Better styling of admin setting validation messages in bootstrapbase
MDL-48596 - Lesson editing page has correct layout used by other editing pages and does not obstruct page with blocks
MDL-47166 - Atto: outdent button is shown first followed by indent button
Security issues
A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.
Fixes and improvements
MDL-48765 - Improved icon alignment on course enrolment methods page
MDL-40285 - When assignment is submitted by one team member it is shown as submitted for all team members
MDL-38142 - User forum posts page no longer displays error for the hidden course
MDL-36877 - Final lesson page is displayed when course setting "Show gradebook to students" is set to "No"
MDL-48073 - Group filter is preserved when moving to next page of enrolled users
MDL-40326 - Course reset also resets lesson progress bar
MDL-48383 - Cron no longer warns about disabled enrol_imsenterprise after each scheduled task
MDL-48914 - Roles assignment page does not display user select if there are too many users preventing from php memory error
|
|
* CVE-2014-3583 mod_proxy_fcgi: Fix a potential crash due to buffer over-read, with response headers' size above 8K.
* CVE-2014-3581 mod_cache: Avoid a crash when Content-Type has an empty value. PR 56924.
* CVE-2014-8109 mod_lua: Fix handling of the Require line when a LuaAuthzProvider is used in multiple Require directives with different arguments.
* CVE-2013-5704 core: HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. Adds "MergeTrailers" directive to restore legacy behavior.
* Proxy FGI and websockets improvements
* Proxy capability via handler
* Finer control over scoping of RewriteRules
* Unix Domain Socket (UDS) support for mod_proxy backends.
* Support for larger shared memory sizes for mod_socache_shmcb
* mod_lua and mod_ssl enhancements
* Support named groups and backreferences within the LocationMatch, DirectoryMatch, FilesMatch and ProxyMatch directives.
|
|
|
|
--format-executable option of rubygems to reduce conflicts.
|
|
supplied directory_watcher package. Bump PKGREVISION.
|
|
Since 3.0.5
----------------
bugfix: Error when creating user from company view.
bugfix: Error when viewing empty custom property if it is of type=contact.
bugfix: Installer error, missing column 'can_update_other_users_invitations'.
Since 3.0.4.1
----------------
bugfix: Performance issue when changing workspace parent.
bugfix: Cannot add user from exisiting contact.
feature: System permission to let some users change event invitations state for other users.
Since 3.0.3.1
----------------
bugfix: Performance issue when ordering documents list by size.
Since 3.0.3
----------------
bugfix: do not show trashed comments on mails view.
bugfix: member tree filter not working properly in some cases.
bugfix: revision number in file view header shows the number including trashed revisions
bugfix: show more on users selector not working.
Since 3.0.2
----------------
feature: Choose if you want to exclude a client or project from automatic status changes.
feature: Added custom properties to choose a default status when creating a new project or client.
feature: When creating a new client, you can now choose if its a company, a contact, or nothing.
bugfix: Pending factor removed from automated status formulas.
bugfix: Dimension Members with no creation application log were not displayed on the Dimension member list in the Administration panel.
bugfix: Contact emails are not being displayed on the suggested emails.
bugfix: Dimension member selectors were not functioning on the contacts module.
bugfix: Object members were not being displayed correctly, and when more than possible to display were added, "and 1 more" was not displayed.
bugfix: cannot set permissions for users with the same user type to a project.
Since 3.0.1
----------------
bugfix: after removing a member from a task, refresh member status.
bugfix: after ading a task, refresh member status.
bugfix: after editing status formulas, refresh all members statuses.
bugfix: add billing view.
bugfix: performance problem displaying contacts birthday
feature: push tasks dates.
Since 3.0
----------------
bugfix: members permissions on breadcrumbs .
bugfix: located under selector on add tags view.
bugfix: custom properties with multiple values are not saving properly.
bugfix: files edit is not validating fields, and causing transaction rollback.
bugfix: error editing web document.
bugfix: undefined variable on filescontroller
bugfix: check mail function make a lot of work if the last mail on the system is not on the server.
bugfix: templates sub tasks.
bugfix: templates view.
bugfix: task titles on task list.
bugfix: mails view.
bugfix: in member permissions, don't allow to modify permissions of superior users
performance: download imap mails function.
Since 3.0-rc
----------------
bugfix: Enabled_dimensions where not inserted correctly by plugins installation.
bugfix: When uploading a file, blue button moves left and then returns to its original place.
bugfix: Logo is not clickable.
bugfix: When modal form is rendered and controller sends an error, screen is masked anyways.
bugfix: Don't show radio buttons to delete/write if role cannot delete or write (e.g.: collaboratos cannot delete som object types).
bugifx: Collaborators and guests should not have root permissions.
Since 3.0-beta
----------------
feature: Check max permissions per user role when adding/editing permissions.
bugfix: Do not show active context members on activity widget breadcrumbs.
bugfix: Activity widget says that some users have been unsubscribed.
Since 2.7.1.9
----------------
feature: Several improvements in user interface, experience and looks.
feature: New “Getting Started Wizard”.
feature: New workspaces selector.
feature: Improved user creation and management.
feature: Improved Task Management.
Since 2.7.1.8
----------------
feature: Allow to configure if parent permissions are inherited when creating a new workspace, client or project.
Since 2.7.1.7
----------------
bugfix: Active context member info widget reactivated.
bugfix: Permissions not saved when applying to all submembers and permissions tree is collapsed.
Since 2.7.1.6
----------------
bugfix: do not show trashed emails from other accounts.
bugfix: when adding a new member, inherit parent permissions.
bugfix: When saving permissions for a workspace, client or project, the mandatory dimensions were not being analyzed.
Since 2.7.1.5
----------------
bugfix: 'Unexpected token' error in tasks list.
bugfix: 'after_contact_view' hook was lost when contact view was changed.
Since 2.7.1.4
----------------
bugfix: task list actions
bugfix: missing config option auto_classify_attachments
Since 2.7.1.3
----------------
bugfix: repeating events not displayed correctly
bugfix: checkmail function from cron fail if the mail have attachments
Since 2.7.1.2
----------------
feature: Use "wkhtmltopdf" to convert custom reports to pdf
|
|
|
|
APCu is userland caching: APC stripped of opcode caching in preparation for
the deployment of Zend Optimizer+ as the primary solution to opcode caching
in future versions of PHP.
APCu has a revised and simplified codebase, by the time the PECL release is
available, every part of APCu being used will have received review and where
necessary or appropriate, changes.
Simplifying and documenting the API of APCu completely removes the barrier to
maintenance and development of APCu in the future, and additionally allows us
to make optimizations not possible previously because of APC's inherent
complexity.
APCu only supports userland caching (and dumping) of variables, providing an
upgrade path for the future. When O+ takes over, many will be tempted to use
3rd party solutions to userland caching, possibly even distributed solutions;
this would be a grave error. The tried and tested APC codebase provides far
superior support for local storage of PHP variables.
|
|
* pkgsrc change: change config directory's permission.
Version 3.4.3 (2015-01-30)
--------------------------
### Fixed
Consider the error reporting level in the install tool (see #7593).
### Fixed
Handle variables and functions when importing style sheets (see #7448).
|
|
* pkgsrc change: change config directory's permission.
Version 3.2.18 (2015-01-30)
---------------------------
### Fixed
Handle variables and functions when importing style sheets (see #7448).
### Fixed
Fix an infinite recursion problem in the `FilesModel` class (see #7588).
|
|
|
|
# Faraday Changelog
## v0.9.1
* Refactor Net:HTTP adapter so that with_net_http_connection can be overridden to allow pooled connections. (@Ben-M)
* Add configurable methods that bypass `retry_if` in the Retry request middleware. (@mike-bourgeous)
|
|
Version 0.11
------------
Released 2015/01/21
- Use the new reCAPTCHA API via `#164`_.
.. _`#164`: https://github.com/lepture/flask-wtf/pull/164
|
|
Version 2.0.2
-------------
Released January 18, 2015
- Added more localizations and updated some.
- Validators for email and URL can validate IDNA-encoded domain names and
new TLDs
- Better DeprecationWarnings
- Support localization files in /usr/share/locale (for distro packaging)
|
|
* Fix merge mistake.
|
|
PLIST:
* lib/firefox/libmozglue.so is built and installed as a shared
library on some platforms including Darwin.
mozilla-common.mk:
* Sandboxing support is only available when the toolkit is
cairo-cocoa.
* It tries to use MacOS X 10.6 SDK by default, which is not always
possible.
patches/patch-build_gyp.mozbuild:
* Don't assume iOS just because the toolkit is not cocoa. Ideally
there should be an AC_SUBST just like 'ARM_ARCH' but nothing
exists currently.
* MacOS X SDK version should be able to configure with ./configure
--enable-macos-target=VER
patches/patch-extensions_spellcheck_hunspell_src_mozHunspell.cpp:
* NS_NewNativeLocalFile() can fail and leave hunDir null, so we must
check if it succeeded. This is not Darwin specific though.
* "%%LOCALBASE%%" in the hunspell path is currently not substituted,
which looks very erroneous to me. But since I don't know why
ryoon@ changed it from "@PREFIX@" to "%%LOCALBASE%%" I leave it as
it is.
patches/patch-ipc_glue_moz.build:
* Don't assume cocoa toolkit just because OS_ARCH is Darwin.
patches/patch-js_src_asmjs_AsmJSSignalHandlers.cpp:
* Increase portability for non-x86 Darwin by not hardwiring
x86_THREAD_STATE.
patches/patch-js_xpconnect_src_xpcprivate.h:
* The declaration has to be C++11 'extern template', otherwise
non-weak symbol collision will occur between libmozjs and
libxul. We can't easily test if the feature is supported by
compiler due to GCC bug #1773:
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=1773
patches/patch-memory_mozalloc_VolatileBufferOSX.cpp:
* Try to fallback to valloc(3) if posix_memalign(3) is not
avialble. It has been added since MacOS 10.6.
patches/patch-toolkit_library_moz.build:
* GSTREAMER_LIBS are linked to libxul on Darwin, while they are
dlopen(3)'ed at runtime on other platforms. The problem is that
the toolkit being cocoa isn't relevant at all. It's Darwin that
needs the special handling, not Cocoa.
patches/patch-toolkit_xre_nsAppRunner.cpp:
* MacOS X < 10.6 had an undocumented behavior concerning execve(2)
inside a threaded process. If a process tried to call execve(2)
and had more than one active thread, the kernel returned
ENOTSUP. So we have to either fork(2) or vfork(2) before calling
execve(2) to make sure the caller is single-threaded as otherwise
the application fails to restart itself.
patches/patch-xpcom_base_nsStackWalk.cpp,
patches/patch-xpcom_build_PoisonIOInterposer.h:
* Replace XP_MACOSX with XP_DARWIN as the former is not defined when
the toolkit is not cocoa.
patches/patch-xpcom_glue_standalone_nsXPCOMGlue.cpp:
* Fix inconsistent use of XP_DARWIN and XP_MACOSX:
LEADING_UNDERSCORE should be empty when we are going to load XPCOM
using dlopen(3), not NSAddImage().
|
|
%%LOCALBASE%%/lib/browser_plugins/symlinks/gecko. Nothing installs
any files there, nor does is this directory created by anything.
|
|
|
|
|
|
From Edgar Fuß in PR 49611.
|
|
Bump PKGREVISION.
|
|
* Fixed a migration crash when unapplying contrib.contenttypes’s or contrib.auth’s first migration.
* Made the migration’s RenameModel operation rename ManyToManyField tables.
* Fixed a migration crash on MySQL when migrating from a OneToOneField to a ForeignKey.
* Prevented the static.serve view from producing ResourceWarnings in certain circumstances.
* Fixed schema check for ManyToManyField to look for internal type instead of checking class instance, so you can write custom m2m-like fields with the same behaviour.
|
|
* GZipMiddleware now supports streaming responses. As part of the 1.4.18 security release, the django.views.static.serve() function was altered to stream the files it serves. Unfortunately, the GZipMiddleware consumed the stream prematurely and prevented files from being served properly.
|
|
* Sync with firefox-35.0.1.
|
|
Changelog:
Fixed 35.0.1 - With the Enhanced Steam extension, Firefox could crash (1123732)
Fixed 35.0.1 - Fix a potential startup crash (1122367)
Fixed 35.0.1 - Kerberos authentication did not work with alias (1108971)
Fixed 35.0.1 - SVG / CSS animation had a regression causing rendering issues on websites like openstreemap.org (1083079)
Fixed 35.0.1 - On Godaddy webmail, Firefox could crash (1113121)
Fixed 35.0.1 - document.baseURI did not get updated to document.location after base tag was removed from DOM for site with a CSP (1121857)
Fixed 35.0.1 - With a Right-to-left (RTL) version of Firefox, the text selection could be broken (1104036)
Fixed 35.0.1 - CSP had a change in behavior with regard to case sensitivity resources loading (1122445)
|
|
changes:
-fixes possible crashes and memory leaks which qualify as DOS problems
(CVE-2015-1380, CVE-2015-1381, CVE-2015-1382)
-minor fixes, documentation improvements
|
|
- fully functional help browser, helper(1)
- minor UI improvements (favicons, popup menus, find dialog...)
- improvements to the build system
|
|
successor www/py-mod_wsgi
|
|
|
|
generates metric information about the run time performance of Apache and mod_wsgi. At least mod_wsgi version 4.2.0 is required.
|
|
compliant interface for hosting Python based web applications on top of the Apache web server.
|
|
Upstream changes:
5.73 2015-01-24
- Deprecated Mojolicious::Routes::Route::bridge in favor of
Mojolicious::Routes::Route::under.
- Deprecated Mojolicious::Controller::render_exception in favor of
reply->exception helper.
- Deprecated Mojolicious::Controller::render_not_found in favor of
reply->not_found helper.
- Removed deprecated object-oriented Mojo::JSON API.
- Removed deprecated stringification support from Mojo::Collection.
- Removed deprecated support for data arguments from Mojo::JSON::Pointer.
- Removed deprecated AUTOLOAD and pluck methods from Mojo::Collection.
- Removed deprecated AUTOLOAD and val methods from Mojo::DOM.
- Moved tutorial from Mojolicious::Lite to Mojolicious::Guides::Tutorial.
- Added term_escape method to Mojo::ByteStream.
- Added term_escape function to Mojo::Util.
- Improved get command to use the user agent of the application.
- Improved diagnostics information for MOJO_DAEMON_DEBUG,
MOJO_USERAGENT_DEBUG and MOJO_WEBSOCKET_DEBUG environment variables.
- Fixed tag helpers to generate correct HTML5. (batman, sri)
- Fixed JSON Pointer escaping bug.
- Fixed portability bug in monkey_patch tests.
|
|
Upstream changes:
1.74 2015-01-23
========================================
[OTHER CHANGES]
- updated repository link in metadata
|
|
replaced by contao34 (Contao Open Source CMS 3.4.x).
|
|
|
|
Version 3.4.2 (2015-01-22)
--------------------------
### Fixed
Fix an infinite recursion problem in the `FilesModel` class (see #7588).
Version 3.4.1 (2015-01-22)
--------------------------
### Fixed
Fix the position of the input field hints (see #7561).
### Fixed
Do not apply the GDlib maximum dimensions to SVG images (see #7435).
### Fixed
Do not show the diff icon if a record has been deleted (see #7429).
### Fixed
Remove a left-over headline from the `ce_text.xhtml` template (see #7502).
### Fixed
Preserve comments when exporting CSS files (see #7482).
### Fixed
Fix the LESS import path in the Combiner (see #7533).
### Fixed
Hide the width and height attributes if there is a sizes attribute (see #7500).
### Fixed
Remove the hardcoded figcaption width (see #7549).
### Fixed
Only load the model in the file/page picker if the class exists (see #7490).
### Fixed
Romanize style sheet names (see #7526).
### Fixed
Add the username to the "account has been locked" log entry (see #7551).
### Fixed
Consider the suhosin.memory_limit when raising the PHP limits (see #7035).
### Fixed
Added two missing `exclude` flags in the `tl_page` data container (see #7522).
### Fixed
Send an UTF-8 charset header in the `die_nicely()` function (see #7519).
### Fixed
Correctly validate dates in the `Widget` class (see #7498).
### Fixed
Back port the fixes from #7475 and #7473.
### Fixed
Send the same cache headers for cached and uncached pages (see #7455).
### Fixed
Fix the `current() expects parameter 1 to be array` issue (see #6739).
### Fixed
Correctly replace the `*_teaser` insert tags (see #7488).
### Fixed
Adjust the last and previous login labels (see #7426).
### Fixed
Unset the `postUnsafeRaw` cache in `Input::setPost()` (see #7481).
|
|
Version 3.2.17 (2015-01-22)
---------------------------
### Fixed
Romanize style sheet names (see #7526).
### Fixed
Add the username to the "account has been locked" log entry (see #7551).
### Fixed
Consider the suhosin.memory_limit when raising the PHP limits (see #7035).
### Fixed
Added two missing `exclude` flags in the `tl_page` data container (see #7522).
### Fixed
Send an UTF-8 charset header in the `die_nicely()` function (see #7519).
### Fixed
Correctly validate dates in the `Widget` class (see #7498).
### Fixed
Back port the fixes from #7475 and #7473.
### Fixed
Send the same cache headers for cached and uncached pages (see #7455).
### Fixed
Fix the `current() expects parameter 1 to be array` issue (see #6739).
### Fixed
Correctly replace the `*_teaser` insert tags (see #7488).
### Fixed
Adjust the last and previous login labels (see #7426).
### Fixed
Unset the `postUnsafeRaw` cache in `Input::setPost()` (see #7481).
|
|
|
|
|
|
|
|
i486 is not sufficient, i686 and/or much newer compiler will be required for
NetBSD-5.*-i386.
|
|
other ways instead.
|
|
Support libecap v1.0
Authentication helper query extensions
Support named services
Upgraded squidclient tool
Helper support for concurrency channels
Native FTP Relay
Receive PROXY protocol, Versions 1 & 2
Basic authentication MSNT helper changes
|
|
|
|
(with post 2.6.0 fix: bin/httpclient one-liner broken)
## Changes
### Changes in 2.6.0
This release includes internal CookieManager implementation change. It
involves compatibility layer but for the case your library depends on internal
implementation it also provides a way to restore the implementation. See below
for more details.
* Changes
* feat: use http-cookie if available for better Cookies spec compliance.
Instead of WebAgent 0.6.2 that is not maintained over 10 years. To omit
maintaining that library use http-cookie for better spec compliance and
healthy development.
This introduces following incompatibility from existing cookies
implementation.
* Expired cookies are not saved. With the old implementation expired
cookies are saved in file and not be sent to the server. With the new
implementation the expired cookies are not saved to the file and not
be sent to the server.
* Cookie#domain returns dot-less domain for domain cookies. Instead,
Cookie#dot_domain returns with dot.
http-cookie is used by default if available but you can restore original
CookieManager behavior by loading 'httpclient/webagent-cookie' feature
before 'httpclient' like this;
```ruby
require 'httpclient/webagent-cookie'
require 'httpclient'
```
The new implementation dumps warnings to help you migrate to http-cookie.
Please follow the suggestion to avoid future compatibility.
```ruby
e.g.
WebAgent::Cookie is deprecated and will be replaced with HTTP::Cookie in the near future. Please use Cookie#origin= instead of Cookie#url= for the replacement.
Cookie#domain returns dot-less domain name now. Use Cookie#dot_domain if you need "." at the beginning.
CookieManager#find is deprecated and will be removed in near future. Use HTTP::Cookie.cookie_value(CookieManager#cookies) instead
```
* feat: Message#previous to get responses in negotiation
HTTP::Message#previous keeps previous response in negotiation. For
redirection, authorization negotiation and retry from custom filter.
Closes #234.
* feat: Add JSONClient
JSONClient auto-converts Hash <-> JSON in request and response.
* For POST or PUT request, convert Hash body to JSON String with
'application/json; charset=utf-8' header.
* For response, convert JSON String to Hash when content-type is
'(application|text)/(x-)?json'
This commit include bin/jsonclient that works as same as bin/httpclient
not with HTTPClient but with JSONClient.
* feat: Add download command
```
% httpclient download http://host/path > file
```
* Bug fixes
* fix: duplicated query params by follow_redirect
When the original request has query and the server returns redirection
response with Location, HTTPClient wrongly adds query to the new URI. In
such case the Location header could include query part;
```
e.g.
http://originalhost/api/call?limit=10
-> Location: http://otherhost/api/call?limit=10
```
HTTPClient should just hit the new location '/api/call?limit=10' not
'/api/call?limit=10&limit=10'. Closes #236.
* fix: NTLM & Basic dual auth
When a server returns two or more WWW-Authenticate headers and the first
one is NTLM, say WWW-Authenticate: NTLM and WWW-Authenticate: Basic in
this order, HTTPClient sent Basic Authorization header after finishing
NTLM auth negotiation.
NTLM auth is a connection authentication scheme so HTTPClient deleted
the internal auth negotiation state so that NTLM authenticator does not
do anything after the negotiation has completed. In such case, for the
subsequent requests, NTLM authenticator does nothing but Basic
authenticator sends Basic Authorization header to the server that is
already negotiated via NTLM authenticator. This can cause authentication
failure.
This commit changes the internal state handling not to delete the state
but introduce :done state. NTLM authenticator returns :skip for the
request to the server that auth negotiation has completed. WWWAuth skips
other authenticator to avoid above issue. Closes #157.
* fix: transplant IO positions to new request in negotiation
In authorization negotiation HTTP::Message for request is generated for
each request, of course, but HTTPClient did not care the IO position
recorded in the previous requests in the subsequent requests. Closes #130.
* fix: avoid inconsistent Content-Length and actual body
If lengths of all posted arguments are known HTTPClient sends
'Content-Length' as a sum length of all arguments. But the length of
actual body was wrong because it read as much as possible regardless of
what IO#size returned. So if the file is getting bigger while HTTPClient
is processing a request the request has inconsistent Content-Length and
body.
This bug is found, and the fix is proposed both by @Teshootub7. Thank
you very much for patient trouble shooting! Fixes #117.
* fix: KeepAliveDisconnected race condition
As details explained in #84, current HTTPClient's KeepAliveDisconnected
handling has a race condition bug that allows a client to have
invalidated connection two or more times. This could be a cause of #185.
To avoid this, make HTTPClient acquire new connection for retry of
KeepAliveDisconnected. Closes #84. Closes #185.
### Changes in 2.5.3
This release includes behavior changes of POST and PUT requests that has
nil as a body. See changes below. Emtpty String as a body is not affected.
* Changes
* Update cacert. "Certificate data from Mozilla as of: Tue Oct 28 22:03:58 2014"
-> Reverted in 2.5.3.3 because it caused unexpected SSLError. See
https://github.com/nahi/httpclient/issues/230
* Allow no content POST and PUT.
Previously POST or PUT with :body => nil meant that 'POST or PUT with 0
length entity body'. But sometimes you need to POST or PUT actually no
content which should not have Content-Type nor Content-Length.
It could be incompatible change for user who POST/PUT-ed with empty body
but it should be rare, actually WEBrick cannot handle such 'no content'
POST and PUT. #128.
* Add default_header property.
:default_header is for providing default headers Hash that all HTTP
requests should have, such as custom 'Authorization' header in API. You
can override :default_header with :header Hash parameter in HTTP request
methods.
* raise if redirect res does not have Location header. #155.
* Bug fixes
* Avoid NPE by a cookie without domain=.
The root cause is still uncertain though. Closes #123
* Suppress verify_callback warning.
Because OpenSSL can try multiple certificate chains and some of it can
fail, and one of them succeeds. For that case warning is irrelevant.
Let it warn only in $DEBUG mode. #221.
### Changes in 2.5.2
Oct 29, 2014 - version 2.5.2
* Changes
* Add :force_basic_auth config - #166, #179, #181.
Generally HTTP client must send Authorization header after it gets 401
error from server from security reason. But in some situation (e.g.
API client) you might want to send Authorization from the beginning.
You can turn on/off force_basic_auth flag for sending Authorization
header from the beginning. (Of cource, if a request URI matches with
the URI you set in set_auth method)
Syntax:
```ruby
HTTPClient.new(:force_basic_auth => true)
# or
c = HTTPClient.new
c.force_basic_auth = true
```
* Add :base_url to HTTPClient configuration.
Passing path to get, post, etc. is recognized as a request to
:base_url + uri. If you pass full URL :base_url is ignored.
```ruby
api = HTTPClient.new(:base_url => 'https://api.example.com/v1')
api.get("/users.json") # => Get https://api.example.com/v1/users.json
api.get("https://localhost/path") # => https://localhost/path
```
### Changes in 2.5.1
Oct 19, 2014 - version 2.5.1
* Changes
* Allow to specify :query in POST, PUT, DELETE and OPTIONS requests.
Closes #83.
* Allow to specify :body in OPTIONS request. Closes #136.
### Changes in 2.5.0
Oct 17, 2014 - version 2.5.0
**IMPORTANT CHANGES**
This version changes (again) default SSL options to help
BEAST/CRIME/POODLE Attack prevension.
* Disabled SSLv3 in favor of POODLE Attack prevention.
* Enabled 1/n-1 fragment in favor of BEAST Attack prevention.
* No TLS compression in favor of CRIME Attack prevention.
You can restore the previous SSL configuration like this;
```ruby
client = HTTPClient.new
client.ssl_config.ssl_version = :SSLv23
client.ssl_config.options = OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_SSLv2
```
* Changes
* Change default SSL options. See above.
* Keep cause error of KeepAliveDisconnected. It allows caller to
investigate the cause of KeepAliveDisconnected.
### Changes in 2.4.0
Jun 8, 2014 - version 2.4.0
**IMPORTANT CHANGES**
This version changes default SSL version to :auto (same as nil) to use SSL/TLS
version negotiation. Former versions use SSLv3 as default that does not connect
via TLS. This change makes underlying OpenSSL library decide which SSL/TLS
version to use but SSLv2 is disabled.
This change makes your secure connection safer but if you see SSL connection
failure with this version try specifying SSL version to use SSLv3 like;
```
client = HTTPClient.new
client.ssl_config.ssl_version = :SSLv3
```
* Bug fixes
* Avoid unnecessary connection retries for OAuth error.
[#203](https://github.com/nahi/httpclient/issues/203)
* Make authentication drivers Thread-safe. Note that HTTPClient instance is
Thread-safe for authentication state update but it shares authentication
state across threads by design. If you don't want to share authentication
state, such as for using different authentication username/password pair
per thread, create HTTPClient instance for each Thread.
[#200](https://github.com/nahi/httpclient/issues/200)
* Avoid chunked String recycle in callback block.
[#193](https://github.com/nahi/httpclient/issues/193)
* Do not send empty 'oauth_token' in signed request for compatibility.
[#188](https://github.com/nahi/httpclient/issues/188)
* Ignore negative Content-Length header from server.
[#175](https://github.com/nahi/httpclient/issues/175)
* Fix incorrect use of absolute URL for HTTPS proxy requests.
[#168](https://github.com/nahi/httpclient/issues/168)
* Handle UTF characters in chunked bodies.
[#167](https://github.com/nahi/httpclient/issues/167)
* A new cookie never be accepted if an HTTPClient has the same expired cookie.
[#154](https://github.com/nahi/httpclient/issues/154)
* Allow spaces in NO_PROXY environment like; "hosta, hostb"
[#141](https://github.com/nahi/httpclient/issues/141)
* Avoid HttpClient::Message::Body#dump causes Encoding::CompatibilityError.
[#140](https://github.com/nahi/httpclient/issues/140)
* Changes
* Change default SSL version to :auto to use version negotiation.
[#186](https://github.com/nahi/httpclient/issues/186),
[#204](https://github.com/nahi/httpclient/issues/204)
* Allow to pass client private key passphrase in SSLConfig.
[#201](https://github.com/nahi/httpclient/issues/201)
* Convert README to markdown syntax
[#198](https://github.com/nahi/httpclient/issues/198)
* Update default CA certificates: change the source from JDK's to Firefox's.
The file is downloaded from
https://raw.githubusercontent.com/bagder/ca-bundle/master/ca-bundle.crt
(Certificate data from Mozilla as of: Tue Apr 22 08:29:31 2014)
[#195](https://github.com/nahi/httpclient/issues/195)
* Callback block can be defined as to get 2 arguments to retrieve the
response object.
[#194](https://github.com/nahi/httpclient/issues/194)
* Remove [] from given address for IPv6 compat.
[#176](https://github.com/nahi/httpclient/issues/176)
* Update API endpoints to those of Twitter REST API v1.1.
[#150](https://github.com/nahi/httpclient/issues/150)
|
|
|
