| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Upstream changes:
1.3135 2015-04-22
[DOCUMENTATION]
- Document how to work with Dist::Zilla and the 'devel' branch.
[ENHANCEMENTS]
- Deprecate 'auto_reload' and document alternatives. (GH#1106, isync)
- Change YAML tests to be in line with new specs. (GH#1108, Slaven Rezi)
[STATISTICS]
- code churn: 12 files changed, 150 insertions(+), 50 deletions(-)
|
|
|
|
|
|
for the Django Web Framework 1.4+. It includes 3 different tree
implementations: Adjacency List, Materialized Path and Nested Sets.
|
|
|
|
This release includes the following changes:
o openssl: show the cipher selection to use in verbose text
o gtls: implement CURLOPT_CERTINFO
o add CURLOPT_SSL_FALSESTART option (darwinssl and NSS)
o curl: add --false-start option
o add CURLOPT_PATH_AS_IS
o curl: add --path-as-is option
o curl: create output file on successful download of an empty file
This release includes the following bugfixes:
o ConnectionExists: for NTLM re-use, require credentials to match
o cookie: cookie parser out of boundary memory access
o fix_hostname: zero length host name caused -1 index offset
o http_done: close Negotiate connections when done
o sws: timeout idle CONNECT connections
o nss: improve error handling in Curl_nss_random()
o nss: do not skip Curl_nss_seed() if data is NULL
o curl-config.in: eliminate double quotes around CURL_CA_BUNDLE
o http2: move lots of verbose output to be debug-only
o dist: add extern-scan.pl to the tarball
o http2: return recv error on unexpected EOF
o build: Use default RandomizedBaseAddress directive in VC9+ project files
o build: Removed DataExecutionPrevention directive from VC9+ project files
o tool: Updated the warnf() function to use the GlobalConfig structure
o http2: Return error if stream was closed with other than NO_ERROR
o mprintf.h: remove #ifdef CURLDEBUG
o libtest: fixed linker errors on msvc
o tool: use ENABLE_CURLX_PRINTF instead of _MPRINTF_REPLACE
o curl.1: fix "The the" typo
o cmake: handle build definitions CURLDEBUG/DEBUGBUILD
o openssl: remove all uses of USE_SSLEAY
o multi: fix memory-leak on timeout (regression)
o curl_easy_setopt.3: added CURLOPT_SSL_VERIFYSTATUS
o metalink: add some error checks
o TLS: make it possible to enable ALPN/NPN without HTTP/2
o http2: use CURL_HTTP_VERSION_* symbols instead of NPN_*
o conncontrol: only log changes to the connection bit
o multi: fix *getsock() with CONNECT
o symbols.pl: handle '-' in the deprecated field
o MacOSX-Framework: use @rpath instead of @executable_path
o GnuTLS: add support for CURLOPT_CAPATH
o GnuTLS: print negotiated TLS version and full cipher suite name
o GnuTLS: don't print double newline after certificate dates
o memanalyze.pl: handle free(NULL)
o proxy: re-use proxy connections (regression)
o mk-ca-bundle: Don't report SHA1 numbers with "-q"
o http: always send Host: header as first header
o openssl: sort ciphers to use based on strength
o openssl: use colons properly in the ciphers list
o http2: detect premature close without data transfered
o hostip: Fix signal race in Curl_resolv_timeout
o closesocket: call multi socket cb on close even with custom close
o mksymbolsmanpage.pl: use std header and generate better nroff header
o connect: Fix happy eyeballs logic for IPv4-only builds
o curl_easy_perform.3: remove superfluous close brace from example
o HTTP: don't use Expect: headers when on HTTP/2
o Curl_sh_entry: remove unused 'timestamp'
o docs/libcurl: makefile portability fix
o mkhelp: Remove trailing carriage return from every line of input
o nss: explicitly tell NSS to disable NPN/ALPN when libcurl disables it
o curl_easy_setopt.3: added a few missing options
o metalink: fix resource leak in OOM
o axtls: version 1.5.2 now requires that config.h be manually included
o HTTP: don't switch to HTTP/2 from 1.1 until we get the 101
o cyassl: detect the library as renamed wolfssl
o CURLOPT_HTTPHEADER.3: add a "SECURITY CONCERNS" section
o CURLOPT_URL.3: Added "SECURITY CONCERNS
o openssl: try to avoid accessing OCSP structs when possible
o test938: added missing closing tags
o testcurl: Allow '=' in values given on command line
o tests/certs: added make target to rebuild certificates
o tests/certs: rebuild certificates with modified key usage bits
o gtls: avoid uninitialized variable
o gtls: dereferencing NULL pointer
o gtls: add check of return code
o test1513: eliminated race condition in test run
o dict: rename byte to avoid compiler shadowed declaration warning
o curl_easy_recv/send: make them work with the multi interface
o vtls: fix compile with --disable-crypto-auth but with SSL
o openssl: adapt to ASN1/X509 things gone opaque in 1.1
o openssl: verifystatus: only use the OCSP work-around <= 1.0.2a
o curl_memory: make curl_memory.h the second-last header file loaded
o testcurl.pl: add the --notes option to supply more info about a build
o cyassl: If wolfSSL then identify as such in version string
o cyassl: Check for invalid length parameter in Curl_cyassl_random
o cyassl: default to highest possible TLS version
o Curl_ssl_md5sum: return CURLcode (fixes OOM)
o polarssl: remove dead code
o polarssl: called mbedTLS in 1.3.10 and later
o globbing: fix step parsing for character globbing ranges
o globbing: fix url number calculation when using range with step
o multi: on a request completion, check all CONNECT_PEND transfers
o build: link curl to openssl libraries when openssl support is enabled
o url: Don't accept CURLOPT_SSLVERSION unless USE_SSL is defined
o vtls: Don't accept unknown CURLOPT_SSLVERSION values
o build: Fix libcurl.sln erroneous mixed configurations
o cyassl: remove undefined reference to CyaSSL_no_filesystem_verify
o cyassl: add SSL context callback support for CyaSSL
o tool: only set SSL options if SSL is enabled
o multi: remove_handle: move pending connections
o configure: Use KRB5CONFIG for krb5-config
o axtls: add timeout within Curl_axtls_connect
o CURLOPT_HTTP200ALIASES.3: Mainly SHOUTcast servers use "ICY 200"
o cyassl: Fix library initialization return value
o cookie: handle spaces after the name in Set-Cookie
o http2: Fix missing nghttp2_session_send call in Curl_http2_switched
o cyassl: Fix certificate load check
o build-openssl.bat: Fix mixed line endings
o checksrc.bat: Check lib\vtls source
o DNS: fix refreshing of obsolete dns cache entries
o CURLOPT_RESOLVE: actually implement removals
o checksrc.bat: quotes to support an SRC_DIR with spaces
o cyassl: Remove 'Connecting to' message from cyassl_connect_step2
o cyassl: Use CYASSL_MAX_ERROR_SZ for error buffer size
o lib/transfer.c: Remove factor of 8 from sleep time calculation
o lib/makefile.m32: add missing libs to build libcurl.dll
o build: Generate source prerequisites for Visual Studio in generate.bat
o cyassl: Include the CyaSSL build config
o firefox-db2pem: fix wildcard to find Firefox default profile
o BUGS: refer to the github issue tracker now as primary
o vtls_openssl: improve several certificate error messages
o cyassl: Add support for TLS extension SNI
o parsecfg: do not continue past a zero termination
o configure --with-nss=PATH: query pkg-config if available
o configure --with-nss: drop redundant if statement
o cyassl: Fix include order
o HTTP: fix PUT regression with Negotiate
o curl_version_info.3: fixed the 'protocols' variable type
|
|
Changes:
4.1.1:
Maintenance release, fixed 21 bugs.
4.1.2:
- A serious critical cross-site scripting vulnerability, which could enable
anonymous users to compromise a site.
- Files with invalid or unsafe names could be uploaded.
- Some plugins are vulnerable to an SQL injection attack.
- A very limited cross-site scripting vulnerability could be used as part of a
social engineering attack.
- Four hardening changes, including better validation of post titles within the
Dashboard.
|
|
4.15 2015-04-20
[ RELEASE NOTES ]
- This release removes the AUTOLOAD and compile optimisations from CGI.pm
that were introduced into CGI.pm twenty (20) years ago as a response to
its large size, which meant there was a significant compile time penalty.
- This optimisation is no longer relevant and makes the code difficult to
deal with as well as making test coverage metrics incorrect. Benchmarks
show that advantages of AUTOLOAD / lazy loading / deferred compile are
less than 0.05s, which will be dwarfed by just about any meaningful code
in a cgi script. If this is an issue for you then you should look at
running CGI.pm in a persistent environment (FCGI, etc)
- To offset some of the time added by removing the AUTOLOAD functionality
the dependencies have been made runtime rather than compile time. The
POD has also been split into its own file. CGI.pm now contains around
4000 lines of code, which compared to some modules on CPAN isn't really
that much
- This essentially deprecates the -compile pragma and ->compile method. The
-compile pragma will no longer do anything, whereas the ->compile method
will raise a deprecation warning. More importantly this also REMOVES the
-any pragma because as per the documentation this pragma needed to be
"used with care or not at all" and allowing arbitrary HTML tags is almost
certainly a bad idea. If you are using the -any pragma and using arbitrary
tags (or have typo's in your code) your code will *BREAK*
- Although this release should be back compatible (with the exception of any
code using the -any pragma) you are encouraged to test it throughly as if
you are doing anything out of the ordinary with CGI.pm (i.e. have bugs
that may have been masked by the AUTOLOAD feature) you may see some issues.
- References: GH #162, GH #137, GH #164
[ SPEC / BUG FIXES ]
- make the list context warning in param show the filename rather than
the package so we have more information on exactly where the warning
has been raised from (GH #171)
- correct self_url when PATH_INFO and SCRIPT_NAME are the same but we
are not running under IIS (GH #176)
- Add the multi_param method to :cgi export (thanks to xblitz for the patch
and tests. GH #167)
- Fix warning for lack of HTTP_USER_AGENT in CGI::Carp (GH #168)
- Fix imports when called from CGI::Fast, restores the import of CGI functions
into the callers namespace for users of CGI::Fast (GH leejo/cgi-fast#11 and
GH leejo/cgi-fast#12)
[ FEATURES ]
- CGI::Carp now has $CGI::Carp::FULL_PATH for displaying the full path to the
offending script in error messages
- CGI now has env_query_string() for getting the value of QUERY_STRING from the
environment and not that fiddled with by CGI.pm (which is what query_string()
does) (GH #161)
- CGI::ENCODE_ENTITIES var added to control which chracters are encoded by the
call to the HTML::Entities module - defaults to &<>"\x8b\x9b' (GH #157)
[ DOCUMENTATION ]
- Fix some typos (GH #173, GH #174)
- All *documentation* for HTML functionality in CGI has been moved into
its own namespace: CGI::HTML::Functions - although the functionality
continues to exist within CGI.pm so there are no code changes required
(GH #142)
- Add missing documentation for env variable fetching routines (GH #163)
[ TESTING ]
- Increase test coverage (GH #3)
[ INTERNALS ]
- Cwd made a TEST_REQUIRES rather than a BUILD_REQUIRES in Makefile.PL
(GH #170)
- AutoloadClass variables have been removed as AUTOLOAD was removed in
v4.14 so these are no longer necessary (GH #172 thanks to alexmv)
- Remove dependency on constant - internal DEBUG, XHTML_DTD and EBCDIC
constants changes to $_DEBUG, $_XHTML_DTD, and $_EBCDIC
|
|
* Sync with firefox-37.0.2.
|
|
Changelog:
Fixed Request Desktop Site feature does not work as expected
|
|
|
|
A library to support the Internationalised Domain Names in Applications
(IDNA) protocol as specified in RFC 5891. This version of the
protocol is often referred to as IDNA2008 and can produce different
results from the earlier standard from 2003.
The library is also intended to act as a suitable drop-in replacement
for the encodings.idna module that comes with the Python standard
library but currently only supports the older 2003 specification.
|
|
jihbed@users.sourceforge.net - uses w3c license.
|
|
This is a wrapper around a SPARQL service. It helps in creating the query URI
and, possibly, convert the result into a more manageable format.
|
|
|
|
|
|
tnn wrote:
: As the software seems to be ...
:
: 1) completely abandoned by upstream for several years
: 2) hasn't worked in pkgsrc for at least as long
: 3) has been removed from all linux distributions I can find
:
: ... the only reasonable choice of action is to remove it.
|
|
|
|
Added support for Django 1.8
Dropped support for Django 1.2
|
|
Unknown
|
|
Numerous documentation updates especially for installation and the tutorial
Numerous improvements to translations
Improves reliability of apphooks
Improves reliabiliy of Advanced Settings for pages when using apphooks
Allow page deletion after template removal
Improves upstream caching accuracy
Improves CMSAttachMenu registration
Improves handling of mistyped URLs
Improves redirection as a result of changes to page slugs, etc.
Improves performance of "watched models"
Improves frontend performance relating to resizing the sideframe
Corrects an issue where items might not be visible in structue mode menus
Limits version of django-mptt used in CMS for 3.0.x
Prevent accidental upgrades to Django 1.8, which is not yet supported
|
|
- Support for MySQL utf8mb4
- Fixing some Django deprecation warnings
- Versions passed through by reversion.post_revision_commit now contain a primary key
|
|
Because this package does not use gnomevfs, libnkgnomevfs.so is
not installed.
|
|
|
|
From hiramatsu@. Thank you.
|
|
|
|
|
|
--------------------------------------------
2014-10-06 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-extra-numeric-character-reference): Add (?\C-m . ? ).
[emacs-w3m:12378]
2014-10-01 Herbert J. Skuhra <h.skuhra@gmail.com>
* aclocal.m4 (AC_PATH_EMACS): Work for Emacs 25.
2014-08-01 Michael Heerdegen <michael_heerdegen@web.de>
Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-input-url-next-history-element): Abolish.
(w3m-url-completion-map): Don't bind M-n key.
(w3m-input-url-default-add-completions): New function.
(w3m-input-url):
Bind minibuffer-default-add-function to it locally in minibuffer.
2014-07-29 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-input-url-provide-initial-content): New user option.
(w3m-input-url): Use it.
(w3m-input-url-next-history-element): New function.
(w3m-url-completion-map): Bind it.
[emacs-w3m:12345]
2014-07-24 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-filter.el (w3m-filter-add-name-anchors): Subdivide long regexp.
[emacs-w3m:12339]
2014-06-12 Katsumi Yamaoka <yamaoka@jpl.org>
* Makefile.in (install-lisp): Compress .el files.
* doc/Makefile.in (install): Compress info files.
* aclocal.m4 (AC_COMPRESS_INSTALL): New function.
* configure.in: Use it.
2014-06-11 Kevin Ryde <user42_kevin@yahoo.com.au>
* w3m.el (w3m-zoom-out-image, w3m-resize-image-interactive): Treat
zoom-out percentage as inverse of zoom-in, so "in" then "out" returns
to the original size.
(w3m-resize-inline-image-internal): Set w3m-image-scale property to
flonum to avoid integer round-off when resizing in and out. Use
`round' rather than `truncate' when calling "convert" so flonum
round-off 99.999 is original 100%.
2014-06-11 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-content-type-alist): Don't bug out for the case where
browse-url-browser-function is set to a function symbol that is not yet
defined. [emacs-w3m:12317]
2014-04-21 Michael Ernst <mernst@cs.washington.edu>
* w3m-util.el (w3m-beginning-of-tag, w3m-end-of-tag): Work correctly
for the case there is only whitespace between <tag> and </tag>.
2014-03-31 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-markup-urls-nobreak): Don't modify textarea.
[emacs-w3m:12308]
2014-03-26 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-relationship-estimate-rules): Update regexps for Google.
2014-02-13 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-url-encode-string): Encode `:' and `/'.
Suggested by Dan Jacobson <jidanni@jidanni.org>.
* w3m-form.el (w3m-form-make-form-data, w3m-form-parse-and-fontify):
Use car-less-than-car.
2014-02-10 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-filter.el (w3m-filter-subst-disabled-with-readonly): Relax regexp.
* w3m-form.el (w3m-form-submit): Work for a url having no query part.
2014-01-08 Mirko M. <mirko.m@hotmail.com>
* w3m-util.el (w3m-delete-frames-and-windows): Don't clear the windows
layout that used to be before visiting an emacs-w3m buffer.
[emacs-w3m:12273]
2014-01-07 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-util.el (w3m-static-if, w3m-static-when, w3m-static-unless)
(w3m-static-cond): Add edebug spec.
* octet.el: Fix edebug spec for the static-* macros.
2013-12-03 Tatsuya Kinoshita <tats@vega.ocn.ne.jp>
* mew-w3m.el (mew-w3m-region): Set point to the end of <div> tag to
prevent infinite loop.
2013-12-01 Tatsuya Kinoshita <tats@vega.ocn.ne.jp>
* mew-w3m.el (mew-w3m-region): Set point to minimum for
`mew-w3m-cite-blockquote' to work.
2013-11-05 Katsumi Yamaoka <yamaoka@jpl.org>
* mew-w3m.el (mew-w3m-cite-blockquote): New function.
(mew-w3m-region): Use it.
2013-11-26 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-filter.el (w3m-filter-subst-disabled-with-readonly): Rewrite.
* w3m-filter.el (w3m-filter-subst-disabled-with-readonly):
Fix the width of disabled select form.
2013-11-25 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-filter.el (w3m-filter-subst-disabled-with-readonly): Replace
disabled or readonly select forms, that w3m doesn't support, with
read-only input forms. [emacs-w3m:12222]
* w3m-form.el (w3m-form-parse-and-fontify): Make read-only text buttons
for image, reset, and submit forms if readonly attr is turned on.
* w3m-ems.el, w3m-form (w3m-form-make-button): Add the optional
readonly argument; make a read-only text button if it is non-nil.
2013-11-20 Katsumi Yamaoka <yamaoka@jpl.org>
Make non-link urls unbreakable. [emacs-w3m:12215]
* w3m.el (w3m-markup-urls-nobreak): New function.
(w3m-rendering-buffer): Use it.
2013-10-22 Katsumi Yamaoka <yamaoka@jpl.org>
Simplify the tab line control so as not to consume CPU.
Thanks to Michael Heerdegen for good suggestions.
* w3m-ems.el (w3m-tab-line-format, w3m-tab-timer): Abolish.
(w3m-tab-mouse-track-selected-tab): Run `w3m-tab-line' instead of using
its cache; remove unused argument `buffers'.
(w3m-tab-line): Don't use chache and timer.
2013-10-17 Katsumi Yamaoka <yamaoka@jpl.org>
Replace `w3m-external-view-current-url', `w3m-external-view-this-url',
and `w3m-view-url-with-external-browser' with
`w3m-view-url-with-browse-url' that runs `browse-url'. [emacs-w3m:12190]
* w3m.el (w3m-menubar, w3m-tab-button-menu-commands, w3m-link-map): Do.
(w3m-external-view-current-url, w3m-external-view-this-url)
(w3m-view-url-with-external-browser): Make obsolete.
(w3m-view-url-with-browse-url): New function.
(w3m-mode-map): Bind "M" to it.
* w3m-lnum.el (w3m-lnum-actions-link-alist): Bind "M" to
w3m-view-url-with-browse-url instead of w3m-external-view.
(w3m-lnum-mode-map): Use the key bound to w3m-view-url-with-browse-url
for w3m-lnum-external-view-this-url.
(w3m-lnum-external-view-this-url): Use w3m-view-url-with-browse-url
instead of w3m-external-view.
2013-10-16 Michael Heerdegen <michael_heerdegen@web.de>
* w3m-ems.el (w3m-tab-line):
Run w3m-force-window-update unconditionally. [emacs-w3m:12175]
2013-10-09 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-form.el (w3m-form-inactive): Add underline property.
(w3m-form-input-textarea): Don't use it to view read-only textarea.
2013-10-08 Katsumi Yamaoka <yamaoka@jpl.org>
Make disabled or read-only forms inatcive.
* w3m-form.el (w3m-form-parse-and-fontify): Make `select', `checkbox',
`radio', and `file' input forms inactive.
(w3m-form-input-checkbox, w3m-form-input-radio, w3m-form-input-file)
(w3m-form-input-select): Don't allow keys if it is inactive.
2013-10-08 Thorsten Jolitz <tjolitz@gmail.com>
* w3m-form.el (w3m-form-input-textarea-mode-setup): New option for
setting up the textarea input buffer in org-mode instead of text-mode.
(w3m-form-input-textarea-org-mode-map) New minor-mode-map.
(w3m-form-textarea-use-org-mode-p) New variable.
(w3m-form-textarea-toggle-major-mode) New function.
(w3m-form-input-textarea-mode-setup) Setup textarea edit buffer with
major-mode 'org-mode if `w3m-form-textarea-use-org-mode-p' is non-nil.
(w3m-form-input-textarea) Split window sensibly if
`w3m-form-textarea-use-org-mode-p' is non-nil.
(w3m-form-input-textarea-mode) Override default minor-mode map with
new minor-mode-map in case major-mode is 'org-mode.
2013-10-08 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-form.el (w3m-form-input-textarea-mode-setup):
Fix typo (unquoted `view-mode').
2013-10-04 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-form.el (w3m-form-input-textarea-mode-setup): Use view-mode to
show disabled or readonly textarea.
(w3m-form-input-textarea): Revert last change; use w3m-form-inactive
face to show disabled or readonly textarea.
2013-10-03 Katsumi Yamaoka <yamaoka@jpl.org>
Make disabled forms not editable. [emacs-w3m:12146]
* w3m.el (w3m-use-filter): Default to t.
(w3m-show-form-hint): Notice form is inactive.
* w3m-filter.el (w3m-filter-subst-disabled-with-readonly): New function
that substitutes the `disabled' attribute with the `readonly' attribute
in an html source so as to enable w3m to handle.
(w3m-filter-configuration): Add it.
* w3m-form.el (w3m-form-inactive): New face.
(w3m-fontify-textareas, w3m-form-parse-and-fontify): Use it if text is
not editable.
(w3m-form-input): Use w3m-message rather than message.
(w3m-form-input-textarea): Don't allow editing text if it is disabled.
(w3m-form-last-position): New variable.
(w3m-form-restore-last-position): New function.
(w3m-form-submit): Add it to w3m-fontify-after-hook.
2013-09-10 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-input-url): Default to `default' or "".
(w3m-download): Prompt for url endlessly instead of bugging out.
(w3m): Doc fix.
2013-09-09 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-url-completion-map): New overriding keymap.
(w3m-input-url): Use it.
Suggested by Manuel Giraud <manuel@ledu-giraud.fr>.
2013-09-06 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-ems.el (w3m-toolbar-make-buttons): Make tool-bar button use
a single icon image if Emacs built with Gtk+ is running.
cf. <http://thread.gmane.org/gmane.emacs.bugs/78021>
(w3m-toolbar-use-single-image-per-icon): Add a note to docstring.
2013-09-04 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-util.el (w3m-decode-coding-string-with-priority):
Move from w3m-ems.el and w3m-xmas.el.
* w3m-ems.el, w3m-xmas.el
(w3m-decode-coding-string-with-priority): Move to w3m-util.el.
* w3m-proc.el: Don't Fbind it.
* w3mhack.el (w3mhack-make-package):
Avoid making a hard link for w3m-load.el twice.
2013-09-03 Manuel Giraud <manuel@ledu-giraud.fr>
* w3m.el (w3m-canonicalize-url): Do uri replace before normal parsing.
2013-09-02 Katsumi Yamaoka <yamaoka@jpl.org>
Prefer uris based on w3m-uri-replace-alist to Google's feeling lucky.
Suggested by Michael Heerdegen <michael_heerdegen@web.de>.
* w3m.el (w3m-canonicalize-url): Run w3m-uri-replace before falling
back to Google's feeling lucky.
(w3m-uri-replace): Simply return nil if there is no replacement.
(w3m-goto-url): Move forward w3m-uri-replace to w3m-canonicalize-url.
2013-08-26 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-retrieve-and-render): Record failed urls as well to the
arrived database. Suggested by Dan Jacobson.
(w3m-delete-buffer): Kill form buffers before killing a page buffer.
(w3m-delete-buffer): Work around mysterious bug where window positions
aren't restored if this command is called by a mouse event. Reported
by Dan Jacobson.
2013-08-26 Dan Jacobson <jidanni@jidanni.org>
* w3m.el (w3m-toolbar): Simplify the label used for w3m-history.
2013-08-13 Kevin Ryde <user42@zip.com.au>
* w3mhack.el (w3mhack-module-list): Remove w3mhack-load-file from the
modules not to be byte compiled, so that it is byte compiled.
(w3mhack-generate-load-file): Remove no-byte-compile from w3m-load.el.
2013-08-01 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-form.el (w3m-form-parse-and-fontify): Prefer base url if any
rather than the current url when constructing urls that form buttons
specify. Thanks to Thorsten Jolitz [emacs-w3m: 12107].
2013-07-01 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m): Enable it again to fetch Gmane url and others.
(w3m-gmane-url-at-point): Update url.
2013-06-26 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-use-cookies): Default to t.
Make `w3m-input-url' offer no useless initial string.
* w3m.el (w3m-active-region-or-url-at-point, w3m-input-url)
(w3m-download, w3m-view-this-url, w3m-view-url-with-external-browser)
(w3m-goto-url, w3m-goto-url-new-session, w3m): Do.
2013-06-21 Katsumi Yamaoka <yamaoka@jpl.org>
* aclocal.m4: Make configure work for term-mode running in Emacs.
2013-06-18 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (ffap-url-regexp): Silence the byte compiler.
* mime-w3m.el: Require calist when compiling.
2013-05-30 Katsumi Yamaoka <yamaoka@jpl.org>
* mime-w3m.el: Don't use obsolete macro dont-compile.
* w3m.el (w3m-goto-mailto-url): Bind display-buffer-alist instead of
special-display-buffer-names and special-display-regexps for Emacs >=
24.3.
* w3m-ems.el (w3m-image-multi-frame-p): Exclude images that don't
specify a delay.
2013-04-19 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-filter.el (w3m-filter): Don't modify w3m-filter-rules.
2013-04-12 REN Lifeng <renlifeng@wowfly.com>
* w3m-session.el (w3m-session-rename): Don't infloop.
2013-04-11 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-filter.el (w3m-filter-configuration):
Use w3m-language rather than w3m-use-japanese-menu.
2013-04-10 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-filter.el (w3m-filter-add-name-anchors): Fix regexp matching name
anchors. Reported by Dan Jacobson <jidanni@jidanni.org>.
2013-04-08 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-form.el (w3m-form-get-by-name): Distinguish the type of forms of
the same names. Reported by Kevin Ryde <user42@zip.com.au>.
(w3m-form-resume, w3m-form-parse-and-fontify, w3m-form-input-map): Do.
2013-04-05 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-filter.el (w3m-filter-fix-tfoot-rendering): New filter.
(w3m-filter-configuration): Add it but not activate.
* w3m-ems.el (w3m-image-multi-frame-p): New alias.
(w3m-image-animate): Use it.
2013-02-04 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-retrieve-and-render): Remove workaround.
* w3m-util.el (w3m-force-window-update-later): Make 1st arg optional.
* w3m-ems.el (w3m-force-window-update): A window need to be redisplayed
for `force-window-update' to work (see the docstring).
2013-01-23 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-lnum.el (w3m-lnum-read-interactive): Replace w3m-scroll-up-1 with
w3m-scroll-up.
* w3m.el (w3m-scroll-up): Rename from w3m-scroll-up-1.
(w3m-scroll-up, w3m-scroll-up-or-next-url): Make the bottom of a page
border on the bottom of a screen when having finished scrolling
the page up.
(w3m-scroll-down): New function detached from
w3m-scroll-down-or-previous-url.
(w3m-scroll-down-or-previous-url): Move point to the top when having
finished scrolling a page down.
(w3m-mwheel-scroll-up, w3m-mwheel-scroll-down): New functions.
(w3m-mode): Bind mwheel-scroll-(up,down)-function to
w3m-mwheel-scroll-(up,down).
Suggested by Dan Jacobson <jidanni@jidanni.org>.
2013-01-11 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-retrieve-and-render): Do (sit-for 0) to update the
header-line appearance as a workaround; see the 2013-01-11 comment.
(w3m-view-this-url-1): Revert 2010-01-15 change; don't popup new
session if w3m-new-session-in-background is non-nil.
Reported by Michael Heerdegen <michael_heerdegen@web.de>.
2012-12-25 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-search.el (w3m-search-do-search): Save history position.
Reported by Dan Jacobson <jidanni@jidanni.org>.
2012-12-17 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-ems.el (w3m-ems-create-image): Abolish.
(w3m-image-animate-seconds): New user option.
(w3m-image-animate): New function.
(w3m-create-image): Use it.
* w3m.el (w3m-resize-inline-image-internal): Use w3m-image-animate.
* w3m-xmas.el (w3m-image-animate): Alias to identity.
2012-12-10 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-decode-anchor-string): Decode url used to next/prev/...
cf. http://emacs-w3m.namazu.org/ml/msg11824.html
2012-12-05 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-util.el (w3m-flet): Rewrite it using cl-letf.
2012-12-04 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-util.el (w3m-labels): Revert; use cl-labels if available.
2012-12-04 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-util.el (w3m-labels): Rewrite.
2012-11-19 Uday S Reddy <u.s.reddy@cs.bham.ac.uk>
* w3m.el (w3m-command-environment): Make the "CYGWIN" environment
variable default to "binmode" for NTEmacs.
2012-10-18 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-filter.el (w3m-filter-configuration): Work around a widget bug.
2012-10-17 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-filter.el: Change file coding system to utf-8.
(w3m-filter-configuration):
New user option, a successor to w3m-filter-rules.
(w3m-filter-rules):
Make it semi-obsolete (but still usable) and default to nil.
(w3m-filter):
Use w3m-filter-configuration in addition to w3m-filter-rules.
(w3m-filter-google-click-tracking)
(w3m-filter-google-shrink-table-width, w3m-filter-add-name-anchors):
New filters.
* w3m.el (w3m-rendering-half-dump):
Move function, that adds name anchors, to w3m-filter.el.
(w3m-create-page): Move Google click-tracking filter to w3m-filter.el.
* w3m-util.el (w3m-widget-type-convert-widget):
Don't modify default sexp values.
2012-10-10 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-bookmark.el (w3m-bookmark-buffer): Use (0 0) as the Unix epoch.
* w3m.el (w3m-create-page): Fix regexp matching Google's click-
tracking urls.
2012-07-22 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-rendering-half-dump): Add name anchors for only existing
internal links.
2012-07-19 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-util.el (w3m-flet): New macro.
2012-07-18 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-input-url): Decode url string by the coding system that
url itself specifies if any.
* w3m.el (w3m-goto-url): Allow optional save-pos argument, that leads
it to run w3m-history-store-position.
(w3m-view-parent-page, w3m-scroll-up-or-next-url)
(w3m-scroll-down-or-previous-url): Run w3m-history-store-position.
(w3m-gohome, w3m-browse-url, w3m-find-file, w3m-db-history)
(w3m-history): Run w3m-history-store-position by way of w3m-goto-url.
* w3m-util.el (w3m-labels): New macro that runs cl-labels in Emacs 24.2
and later, otherwise runs labels.
* mime-w3m.el (mime-w3m-insinuate):
* w3m-bookmark.el (w3m-bookmark-safe-string):
* w3m-proc.el (w3m-process-do-with-temp-buffer):
* w3m-rss.el (w3m-rss-parse-date-string):
* w3m-weather.el (w3m-weather-completion-table):
Replace labels with w3m-labels.
* w3mhack.el (w3mhack-nonunix-install): Don't use labels.
2012-07-13 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-input-url, w3m-header-line-insert):
Don't decode only control characters.
2012-07-12 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-input-url): Don't decode %00~%1F and %7F~%9F in url.
2012-07-11 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-url-decode-string): Allow optional regexp matching %**.
(w3m-header-line-insert): Don't decode %00~%1F and %7F~%9F in url.
* w3m.el (w3m-create-page): Show raw contents briefly, not fully, when
prompting a user for the content type.
2012-07-10 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-rendering-half-dump): Add name anchors fast.
2012-07-10 Naohiro Aota <naota@elisp.net>
* w3m.el: (w3m-data-retrieve): URL-decode data-string. It can have
"%2b%2d%3d" representing "/+=".
2012-07-08 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-rendering-half-dump): Add name anchors that w3m can
handle in nested tags.
2012-07-02 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-view-url-with-external-browser): Improve prompt string.
Suggested by Dan Jacobson <jidanni@jidanni.org>.
2012-06-25 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-active-region-or-url-at-point, w3m-print-this-url):
Try to pick #name anchor out.
* w3m-search.el (w3m-search-read-variables): Make commands that use it
error out when other processes run in the current w3m buffer.
* w3m.el (w3m-mode): Add description of some missing commands to doc.
2012-06-20 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-create-page): Safely quit session when a user hits C-g;
make sure to set w3m-current-url.
2012-06-19 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m.el (w3m-cache-header, w3m-cache-request-header)
(w3m-cache-contents, w3m-cache-request-contents)
(w3m-cache-available-p): Canonicalize given url.
(w3m-show-error-information): Show as many info as possible.
2012-06-18 Katsumi Yamaoka <yamaoka@jpl.org>
* w3m-util.el (w3m-popup-buffer): Do nothing for the current buffer.
* w3m.el (w3m-history-highlight-current-url): Extend href anchor to bol.
* w3m.el (w3m-http-status-alist): New variable.
(w3m-http-status): New variable.
(w3m-w3m-retrieve): Set it.
(w3m-retrieve): Clear it.
(w3m-download, w3m-retrieve-and-render, w3m-show-error-information):
Show http status if download or retrieving fails.
|
|
tech-pkg@ and pkgsrc-users@.
|
|
|
|
---------------
* 2.2.7 *
Bluefish 2.2.7 is mostly a bug fix release. It fixes rare crashes in the
autocompletion, the filebrowser, the htmlbar plugin preferences, and in
file-load-cancel, fixes a rare case of broken syntax highlighting after
multiple search/replace actions. It furthermore displays better
error/warning output when parsing language files. It also finally fixes
javascript regex syntax highlighting. The loading of files with corrupt
encoding has been improved, and project loading over sftp has been improved.
Various HTML5 tags have been added, and HTML5 is the default now for php,
cfml and other languages that can include html syntax. Saving and loading
of UTF-16 encoded files was broken and has been fixes. Various languages
have better support, such as javascript, css, html, pascal/deplhi, and html
has improved autocompletion. On OSX the keys for tab switching no longer
confict with some keyboard layouts, and behavior at shutdown was improved.
The upload/download feature has a new option to ignore backup files. The
home/end keys now work better on wrapped tekst. And finally the search and
replace dialog correctly shows the number of results when searching in files
on disk.
|
|
|
|
JIT support). Better fix upstream in all newer branches already.
|
|
Upstream changes:
0.159003 2015-03-23 14:57:15+01:00 Europe/Amsterdam
[ BUG FIXES ]
* Fixed another memory leak with compiled hooks. (Sawyer X)
* Fixed a memory leak with conditionally applied static middleware
(Russell Jenkins)
[ DOCUMENTATION ]
* GH #854, #858: Fix after_template_render hook example. (Adam Weinberger)
* GH #861: Improve documentation of 'forward'. (Andy Beverley)
0.159002 2015-03-03 19:21:21+01:00 Europe/Amsterdam
[ BUG FIXES ]
* GH #856: Memory leak when throwing exception from a hook. (Sawyer X)
|
|
previous releases.
|
|
* Sync with firefox-37.0.1
|
|
|
|
|
|
Not backwards compatible with 1.x. Now depends on php-propro and php-raphf.
Upstream changelog:
2.4.3
* Fixed bug #69357 (HTTP/1.1 100 Continue overriding subsequent 200 response
code with PUT request)
2.4.2
* Fixed bug 69076 (http\Url throws Exception on empty querystring)
* Fixed bug 69313 (http\Client doesn't send GET body)
+ Added libidn2 and UIDNA as fallbacks for IDN support
- Deferred warnings/exceptions of the client, so callbacks for the
currently failing requests will still be called
2.4.1
* Fixed build with PHP <= 5.4 (Remi)
2.4.0
* Split off pecl/apfd and pecl/json_post
2.3.2
* Fixed bug with http\QueryString::offsetSet() resetting the complete
query string
2.3.1
* Fixed build on platforms that need stddef.h to define ptrdiff_t
(e.g. CentOS 7.5)
2.3.0
+ Preliminiary HTTP2 support for http\Client (libcurl with nghttp2 support)
+ Improved performance of HTTP info parser (request/response line)
+ Improved performance of updating client observers
+ Improved performance of http\Env\Response output to streams
+ Improved the error messages of the header parser
+ Added http\Header\Parser class
+ Added http\Client::configure() method accepting an array with the following
options for libcurl:
. maxconnects (int, size of the connection cache)
. max_host_connections (int, max number of connections to a single host,
libcurl >= 7.30.0)
. max_pipeline_length (int, max number of requests in a pipeline,
libcurl >= 7.30.0)
. max_total_connections (int, max number of simultaneous open connections
of this client, libcurl >= 7.30.0)
. pipelining (bool, whether to enable HTTP/1.1 pipelining)
. chunk_length_penalty_size (int, chunk length threshold for pipelining,
libcurl >= 7.30.0)
. content_length_penalty_size (int, size threshold for pipelining,
libcurl >= 7.30.0)
. pipelining_server_bl (array, list of server software names to blacklist
for pipelining, libcurl >= 7.30.0)
. pipelining_site_bl (array, list of server host names to blacklist
for pipelining, libcurl >= 7.30.0)
. use_eventloop (bool, whether to use libevent, libcurl+libevent)
+ Added http\Client::getAvailableOptions() and
http\Client::getAvailableConfiguration() methods
+ Added support for HTTP2 if libcurl was built with nghttp2 support.
+ Added http\Client\Curl\HTTP_VERSION_2_0 constant (libcurl >= 7.33.0)
+ Added http\Client\Curl\TLS_AUTH_SRP constant (libcurl >= 7.21.4)
+ Added pinned_publickey SSL request option (libcurl >= 7.39.0)
+ Added tlsauthtype, tlsauthuser and tlsauthpass SSL request option
(libcurl >= 7.21.4)
+ Added verifystatus (a.k.a OCSP) SSL request option (libcurl >= 7.41.0)
+ Added proxyheader request option (libcurl >= 7.37.0)
+ Added unix_socket_path request option (libcurl >= 7.40.0)
* Fixed compress request option
* Fixed parsing authorities of CONNECT messages
* Fixed parsing Content-Range messages
* Fixed http\Env\Response to default to chunked encoding over streams
* Fixed superfluous output of Content-Length:0 headers
* Fixed persistent easy handles to be only created for persistent
multi handles
* Fixed the header parser to accept not-yet-complete header lines
* Fixed http\Message::toStream() crash in ZTS mode
* Fixed the message stream parser to handle intermediary data bigger than 4k
* Fixed the message stream parser to handle single header lines without EOL
* Fixed http\Message\Body to not generate stat based etags
for temporary streams
- Deprecated http\Client::enablePipelining(), use
http\Client::configure(["pipelining" => true]) instead
- Deprecated http\Client::enableEvents(), use
http\Client::configure(["use_eventloop" => true]) instead
- Removed the cookies entry from the transfer info, wich was very slow
and generated a Netscape formatted list of cookies
- Changed the header parser to reject illegal characters
2.2.1
* Fixed Bug #69000 (http\Url breaks down with very long URL query strings)
2.2.0
- var_dump(http\Message) no longer automatically creates an empty body
+ Added http\Message\Parser class
+ Made http\Client::once() and http\Client::wait() available when using events
+ Added http\Url::PARSE_MBLOC, http\Url::PARSE_MBUTF8,
http\Url::PARSE_TOIDN and http\Url::PARSE_TOPCT constants
+ Added http\Env\Response::setCookie()
+ Added http\Env\Request::getCookie()
2.1.4
* Fixed bug #68353 (QsoSSL support removed in libcurl 7.39)
* Fixed bug #68149 (duplicate content-length with libcurl < 7.23)
* Fixed bug #66891 (Unexpected HTTP 401 after NTLM authentication)
2.1.3
* Fix build with libcurl < 7.26 (Remi)
2.1.2
+ Added missing request option constants: POSTREDIR_303, AUTH_SPNEGO
(libcurl >= 7.38.0), SSL_VERSION_TLSv1_{0,1,2} (libcurl >= 7.34)
* Fixed bug #68083 (PUT method not working after DELETE)
* Fixed bug #68009 (Segmentation fault after calling exit(0) after a request)
* Fixed bug #68000 (Extension does not build on FreeBSD)
2.1.1
* Fix httpVersion retrieval on bigendian (Remi)
* Fix etag/crc32b on bigendian (Remi)
2.1.0
- Removed port and scheme guessing of http\Url for portability
* Fixed PHP-5.3 compatibility
* Fixed PHP-5.4 compatibility
* Fixed possible bus error on shutdown when using events
* Fixed sovereignty of clients when using events
* Fixed a possible crash with http\Encoding\Stream\Dechunk::decode($unencoded)
* Fixed a leak in http\Client\Curl options
* Fixed bug #67733 (Compile error with libevent 2.x)
+ Added RFC5987 support in http\Params
+ Improved synthetic HTTP message parsing performace for ~20%
+ Added request options if libcurl has builtin c-ares support:
dns_interface, dns_local_ip4, dns_local_ip6 (all libcurl >= 7.33.0)
+ Added request options:
expect_100_timeout (libcurl >= 7.36.0), tcp_nodelay
+ Added transfer info:
curlcode, tls_session (libcurl >= 7.34.0), only available during transfer
2.0.7
* General improvements to the test suite
* Fixed http\Env\Response::send() ignoring some write errors
* Fixed bug #67528 (RFC compliant default user agent)
* Fixed a garbage collector issue with JSON POSTs
* Fixed refcount issue and double free of message bodies
* Fixed use after free if the http\Client::enqueue() closure returns TRUE
* Fixed bug #67584 (http\Client\Response not initialized as response
on failure)
2.0.6
+ Added "uploaded" progress state
* Fixed bug #67089 (Segmentaion fault with ZTS)
* Fixed compatibility with PHP-5.6+
* Fixed re-use of request messages which content length remained untouched
when the body was reset
2.0.5
* Fix rare crash with uninitialized CURLOPT_HTTPHEADER
* Fix build with -Werror=format-security (Remi)
* Fix build with extenal libs needed by libcurl
2.0.4
* Removed the pecl/event conflict
* Fixed bug #66388 (Crash on POST with Content-Length:0 and untouched body)
2.0.3
* Fixed typo
2.0.2
* Fixed bug #66250 (shutdown crash as shared extension)
2.0.1
* Fixed a bug with multiple ob_start(http\Env\Response) while
replacing the body
* Fixed build on Windows with libevent2
2.0.0
Extended HTTP support. Again. Keep in mind that it's got the major version 2,
because it's incompatible with pecl_http v1.
* Introduces the http namespace.
* Message bodies have been remodeled to use PHP temporary streams instead
of in-memory buffers.
* The utterly misunderstood HttpResponse class has been reimplemented
as http\Env\Response inheriting http\Message.
* Currently, there's only one Exception class left, http\Exception.
* Errors triggered by the extension can be configured statically by
http\Object::$defaultErrorHandling or inherited http\Object->errorHandling.
* The request ecosystem has been modularized to support different libraries,
though for the moment only libcurl is supported.
|
|
|
|
Matcha SNS is Social Networking Service (SNS) software for intranet
and the Internet SNS. This software has Japanese UI only.
It is formerly known as sencha-sns.
|
|
It is renamed to matcha-sns.
|
|
Upstream changes:
6.07 2015-04-07
- Fixed Windows bug in "daemon.t".
6.06 2015-04-06
- Added element_count_is method to Test::Mojo. (Zoffix)
- Added "chat.pl" to example scripts.
- Improved Mojo::DOM::CSS to handle attribute selectors with single quotes
correctly.
6.05 2015-03-24
- Fixed circular require bug in Mojo::Base and Mojo::Util.
6.04 2015-03-23
- Improved Mojo::Reactor::EV and Mojo::Reactor::Poll to fail more
consistently.
- Improved Mojo::Base performance slightly.
- Fixed a few bugs in Mojo::DOM::CSS that required class, id and attribute
selectors, as well as pseudo-classes, to be in a specific order.
6.03 2015-03-16
- Added support for overriding the HTTP request method with the _method query
parameter.
- Added suggested_method method to Mojolicious::Routes::Route.
- Improved portability of some tests.
6.02 2015-03-09
- Added daemon attribute to Mojo::Server::Morbo.
- Improved portability of Mojo::Server::Morbo.
- Fixed empty template handling in Mojo::Template.
6.01 2015-03-03
- Added content_with helper to Mojolicious::Plugin::DefaultHelpers.
- Relaxed request-line handling in Mojo::Message::Request.
- Fixed code name in version command and built-in templates.
|
|
|
|
|
|
Property proxy: A reusable split-off of pecl_http's property proxy API.
|
|
Quoting database identifiers with backticks as is done in 2.17 is
not portable, and only works with a MySQL backend. Instead, use
the DBI quote_identifier method as hinted in
https://rt.cpan.org/Public/Bug/Display.html?id=101561
Bump PKGREVISION to 1.
|
|
Upstream changes:
1.0034 2015-02-02 21:42:42 CET
[SECURITY]
- Fixed a possible directory traversal with Plack::App::File on Win32 (sri)
[IMPROVEMENTS]
- Documentation improvements (timbunce, oalders, autarch, frioux)
- Avoid warnings in Plack::App::WrapCGI (frioux)
|
|
Upstream changes:
MediaWiki 1.24.2
This is a security and maintenance release of the MediaWiki 1.24 branch.
Changes since 1.24.1
(bug T85848, bug T71210) SECURITY: Don't parse XMP blocks that contain XML entities, to prevent various DoS attacks.
(bug T85848) SECURITY: Don't allow directly calling Xml::isWellFormed, to reduce likelihood of DoS.
(bug T88310) SECURITY: Always expand xml entities when checking SVG's.
(bug T73394) SECURITY: Escape > in Html::expandAttributes to prevent XSS.
(bug T85855) SECURITY: Don't execute another user's CSS or JS on preview.
(bug T64685) SECURITY: Allow setting maximal password length to prevent DoS when using PBKDF2.
(bug T85349, bug T85850, bug T86711) SECURITY: Multiple issues fixed in SVG filtering to prevent XSS and protect viewer's privacy.
Fix case of SpecialAllPages/SpecialAllMessages in SpecialPageFactory to fix loading these special pages when $wgAutoloadAttemptLowercase is false.
(bug T70087) Fix Special:ActiveUsers page for installations using PostgreSQL.
(bug T76254) Fix deleting of pages with PostgreSQL. Requires a schema change and running update.php to fix.
|
|
- Disabled HTTP/2 AltSvc
- Start-up crash due to graphics hardware and third party software
- Various security fixes
|
