Commit | Line | Data |
---|---|---|
68a4c8b9 DM |
1 | Version 3.45 |
2 | [BUG FIXES] | |
3 | 1. Prevent warnings about "uninitialized values" for REQUEST_URI, HTTP_USER_AGENT and other environment variables. | |
4 | Patches by Callum Gibson, heiko and Mark Stosberg. (RT#24684, RT#29065) | |
5 | 2. Avoid death in some cases when running under Taint mode on Windows. | |
6 | Patch by Peter Hancock (RT#43796) | |
7 | 3. Allow 0 to be used as a default value in popup_menu(). This was broken starting in 3.37. | |
8 | Thanks to Haze, who was the first to report this and supply a patch, and pfschill, who pinpointed | |
9 | when the bug was introduced. A regression test for this was also added. (RT#37908) | |
10 | 4. Allow "+" as a valid character in file names, which fixes temp file creation on OS X Leopard. | |
11 | Thanks to Andy Armstrong, and alech for patches. (RT#30504) | |
12 | 5. Set binmode() on the Netware platform, thanks to Guenter Knauf (RT#27455) | |
13 | 6. Don't allow a CGI::Carp error handler to die recursively. Print a warning and exit instead. | |
14 | Thanks to Marc Chantreux. (RT#45956) | |
15 | 7. The Dump() method now is fixed to escape HTML properly. Thanks to Mark Stosberg (RT#21341) | |
16 | 8. Support for <optgroup> with scrolling_list() now works the same way as it does for popup_menu(). | |
17 | Thanks to Stuart Johnston (RT#30097) | |
18 | 9. CGI::Pretty now works properly when $" is set to ''. Thanks to Jim Keenan (RT#12401) | |
19 | 10. Fix crash when used in combination with PerlEx::DBI. Thanks to Burak Gürsoy (RT#19902) | |
20 | ||
21 | [DOCUMENTATION] | |
22 | 1. Several typos were fixed, Thanks to ambs. (RT#41105) | |
23 | 2. A typo related to the nosticky pragma was fixed, thanks to Britton Kerin. (RT#43220) | |
24 | 3. examples/nph-clock.cgi is now more portable, by calling localtime() rather than `/bin/date`, | |
25 | thanks to Guenter Knauf. (RT#27456). | |
26 | 4. In CGI::Carp, the SEE ALSO section was cleaned up, thanks to Slaven Rezic. (RT#32769) | |
27 | 5. The docs for redirect() were updated to reflect that most headers are | |
28 | ignored during redirection. Thanks to Mark Stosberg (RT#44911) | |
29 | ||
30 | [INTERNALS] | |
31 | 1. New t/unescapeHTML.t test script has been added. It includes a TODO test for a pre-existing | |
32 | bug which could use a patch. Thanks to Pete Gamache and Mark Stosberg (RT#39122) | |
33 | 2. New test scripts have been added for user_agent(), popup_menu() and query_string(), scrolling_list() and Dump() | |
34 | Thanks to Mark Stosberg and Stuart Johnston. (RT#37908, RT#43006, RT#21341, RT#30097) | |
35 | 3. CGI::Carp and CGI::Util have been updated to have non-developer version numbers. | |
36 | Thanks to Slaven Rezic. (RT#48425) | |
37 | 4. CGI::Switch and CGI::Apache now properly set their VERSION in their own name space. | |
38 | Thanks to Alexey Tourbin (RT#11941,RT#11942) | |
39 | ||
40 | Version 3.44 | |
41 | 1. Patch from Kurt Jaeger to allow HTTP PUT even if the content length is unknown. | |
42 | 2. Patch from Pavel merdin to fix a problem for one of the FireFox addons. | |
43 | 3. Fixed issue in mod_perl & fastCGI environment of cookies returned from | |
44 | CGI->cookie() leaking from one session to another. | |
45 | ||
0106d518 DM |
46 | Version 3.43 |
47 | 1. Documentation patch from MARKSTOS@cpan.org to replace all occurrences of | |
48 | "new CGI" with CGI->new()" to reflect best perl practices. | |
49 | 2. Patch from Stepan Kasal to fix utf-8 related problems in perl 5.10 | |
f8a128a9 NC |
50 | |
51 | Version 3.42 | |
52 | 1. Added patch from Renee Baecker that makes it possible to subclass | |
53 | CGI::Pretty. | |
54 | 2. Added patch from Nicholas Clark to allow ~ characters in temporary directories. | |
55 | 3. Added patch from Renee Baecker that fixes the inappropriate escaping of fields | |
56 | in multipart headers. | |
57 | ||
e1c70484 NC |
58 | Version 3.41 |
59 | 1. Fix url() returning incorrect path when query string contains escaped newline. | |
60 | 2. Added additional windows temporary directories and environment variables, courtesy patch from Renee Baecker | |
61 | 3. Added a handle() method to the lightweight upload | |
62 | filehandles. This method returns a real IO::Handle object. | |
63 | 4. Added patch from Tony Vanlingen to fix deep recursion warnings in CGI::Pretty. | |
64 | ||
65 | Version 3.40 | |
66 | 1. Fixed CGI::Fast docs to eliminate references to a "special" | |
67 | version of Perl. | |
68 | 2. Makefile.PL now depends on FCGI so that CGI::Fast installs properly. | |
69 | 3. Fix script_name() call from Stephane Chazelas. | |
70 | ||
71 | Version 3.39 | |
72 | 1. Fixed regression in "exists" function when using tied interface to CGI via $q->Vars. | |
73 | ||
74 | Version 3.38 | |
75 | 1. Fix annoying warning in http://rt.cpan.org/Ticket/Display.html?id=34551 | |
76 | 2. Added nobr() function http://rt.cpan.org/Ticket/Display.html?id=35377 | |
77 | 3. popup_menu() allows multiple items to be selected by default, satisfying | |
78 | http://rt.cpan.org/Ticket/Display.html?id=35376 | |
79 | 4. Patch from Renee Backer to avoid doubled <http-equiv> headers. | |
80 | 5. Fixed documentation bug that describes what happens when a | |
81 | parameter is empty (e.g. "?test1="). | |
82 | 6. Fixed minor warning described at http://rt.cpan.org/Public/Bug/Display.html?id=36435 | |
83 | 7. Fixed overlap of attribute and parameter space described in http://rt.perl.org/rt3//Ticket/Display.html?id=24294 | |
84 | ||
85 | Version 3.37 | |
86 | 1. Fix pragmas so that they persist over modperl invocations (e.g. RT 34761) | |
87 | 2. Fixed handling of chunked multipart uploads; thanks to Michael Bernhardt | |
88 | who reported and fixed the problem. | |
89 | ||
90 | Version 3.36 | |
91 | 1. Fix CGI::Cookie to support cookies that are separated by "," instead of ";". | |
92 | ||
86de2d7d SP |
93 | Version 3.35 |
94 | 1. Resync with bleadperl, primarily fixing a bug in parsing semicolons in uploaded filenames. | |
95 | ||
96 | Version 3.34 | |
97 | 1. Handle Unicode %uXXXX escapes properly -- patch from DANKOGAI@cpan.org | |
98 | 2. Fix url() method to not choke on path names that contain regex characters. | |
99 | ||
100 | Version 3.33 | |
101 | 1. Remove uninit variable warning when calling url(-relative=>1) | |
102 | 2. Fix uninit variable warnings for two lc calls | |
103 | 3. Fixed failure of tempfile upload due to sprintf() taint failure in perl 5.10 | |
104 | ||
105 | Version 3.32 | |
106 | 1. Patch from Miguel Santinho to prevent sending premature headers under mod_perl 2.0 | |
107 | ||
108 | Version 3.31 | |
109 | 1. Patch from Xavier Robin so that CGI::Carp issues a 500 Status code rather than a 200 status code. | |
110 | 2. Patch from Alexander Klink to select correct temporary directory in OSX Leopard so that upload works. | |
111 | 3. Possibly fixed "wrapped pack" error on 5.10 and higher. | |
112 | ||
113 | Version 3.30 | |
114 | 1. Patch from Mike Barry to handle POSTDATA in the same way as PUT. | |
115 | 2. Patch from Rafael Garcia-Suarez to correctly reencode unicode values as byte values. | |
116 | ||
681699b9 SP |
117 | Version 3.29 |
118 | 1. The position of file handles is now reset to zero when CGI->new is called. | |
119 | (Mark Stosberg) | |
120 | 2. uploadInfo() now works across multiple object instances. Also, the first | |
121 | tests for uploadInfo() were added as part of the fix. (CPAN bug 11895, with | |
122 | contributions from drfrench and Mark Stosberg). | |
123 | ||
2c454cbd SP |
124 | Version 3.28 |
125 | 1. Applied patch from Allen Day that makes Cookie parsing RFC2109 compliant | |
126 | (attribute/values can be separated by commas as well as semicolons). | |
127 | 2. Applied patch from Stephan Struckmann that allows script_name() to be set correctly. | |
128 | 3. Fixed problem with url(-full) in which port number appears twice. | |
129 | ||
8869a4b7 SP |
130 | Version 3.27 |
131 | 1. Applied patch from Steve Taylor that allows checkbox_groups to be | |
132 | disabled with a new -disabled=> option. | |
133 | ||
134 | Version 3.26 | |
135 | 1. Fixed alternate stylesheet behavior so that it is insensitive to order of declarations. | |
136 | 2. Patch from John Binns to allow users to provide a callback to CGI::Carp. | |
137 | 3. Added "~" as an unreserved character in escape(). | |
138 | 4. Patch from Chris Fedde to prevent HTTP_HOST from inhibiting SERVER_PORT in url() generation. | |
139 | 5. Fixed outdated documentation (and behavior) of -language in start_html -script option. | |
140 | 6. Fixed bug in seconds calculation in CGI::Util::expire_calc. | |
141 | ||
0664a57d SP |
142 | Version 3.25 |
143 | 1. Fixed the link to the Netscape frames page. | |
144 | 2. Added ability to specify an alternate stylesheet. | |
8869a4b7 | 145 | 3. Add support for XForms POST submssion both as application/xml or as multipart/related |
0664a57d SP |
146 | |
147 | Version 3.24 | |
148 | 1. In startform(), if request_uri() returns undef, then falls back | |
149 | to self_url(). This should rarely happen except when run outside of | |
150 | the CGI environment. | |
151 | 2. image button alignment options were mistakenly being capitalized, causing xhtml validation to fail. | |
152 | ||
153 | Version 3.23 | |
154 | 1. Typo in upload() persisted, now fixed for real. Thanks to | |
155 | Emanuele Zeppieri for correct patch and regression test. | |
156 | ||
9f9736a1 SP |
157 | Version 3.22 |
158 | 1. Typo in upload() function broke uploads. Now fixed (CPAN bug 21126). | |
159 | ||
fc786e8b SP |
160 | Version 3.21 |
161 | 1. Don't try to read data at all when POST > $POST_MAX. | |
162 | 2. Fixed bug that caused $cgi->param('name',undef,'value') to unset param('name') entirely. | |
163 | 3. Fixed bug in which upload() sometimes returns empty. (CPAN bug #12694). | |
164 | 4. Incorporated patch from BURAK@cpan.org to support HTTPcookies (CPAN bug 21019). | |
165 | ||
adb86593 SP |
166 | Version 3.20 |
167 | 1. Patch from David Wheeler for CGI::Cookie->bake(). Uses mod_perl headers_out->add() | |
168 | rather than headers_out->set(). | |
169 | 2. Fixed problem identified by Andrei Voronkov in which start_form() output was screwed | |
170 | up when initial argument begins with a dash and subsequent arguments do not. | |
171 | 3. Quashed uninitialized variable warnings coming from script_name(), url() and other | |
172 | functions that require access to the PATH_INFO environment variable. | |
173 | ||
cb3b230c SP |
174 | Version 3.19 |
175 | 1. Added patch from Stephen Frost that allows one to suppress use of the temp file that is | |
176 | created during uploads. | |
177 | 2. Fixed problem noted by Martin Foster in which regular expression meta-character terms | |
178 | in the path information were not quoted, causing URL parsing | |
179 | to fail on URLs that contained metacharacters (such as +). | |
180 | 3. More fixes to the url() method. | |
181 | 4. Removed "hack to fix broken PATH_INFO in MSII". | |
182 | ||
183 | Version 3.18 | |
184 | 1. Doc typo fixes. | |
185 | 2. Patch from Steve Peters to default the document type to match the charset. | |
186 | 3. Fixed param() so that param(-name=>'foo',-values=>[]) sets the parameter to empty list. | |
187 | ||
681699b9 SP |
188 | Version 3.17 Fri Feb 24 14:01:27 EST 2006 |
189 | 1. Added patch from Mike Hanafey which caused 0 arguments to CGI::Cookie->new() to | |
190 | be treated as empty. | |
191 | 2. Patch to CGI::Carp from Peter Whaite to fix the unfixable problem of CGI::Carp | |
192 | not behaving correctly in an eval() context. | |
193 | 3. CGI::Fast->new() calls CGI->_reset_globals to avoid contamination of one session | |
194 | with another's variables. | |
195 | 4. Fixed upload failure on files that contain semicolons in their names. | |
196 | ||
55b5d700 SP |
197 | Version 3.16 Wed Feb 8 13:29:11 EST 2006 |
198 | 1. header() -charset option now works even when the MIME type is not "text". | |
199 | 2. Fixed documentation for cookie() function and fastCGI. | |
200 | 3. Upload filehandles now only closed automatically on Windows systems. | |
201 | 4. Apache::Cookie compatibility fix from David Wheeler | |
202 | 5. CGI::Carp->fatalsToBrowser() does not work correctly with | |
203 | mod_perl 2. No workaround is known. | |
204 | 6. Fixed text status code associated with 302 redirects. Should be "Found" | |
205 | but was "Moved". | |
206 | 7. Fixed charset in start_html() and header() to be in synch. | |
207 | ||
edc47407 SP |
208 | Version 3.15 Wed Dec 7 15:13:22 EST 2005 |
209 | 1. Remove extraneous "?" from self_url() when URI contains a ? but no query string. | |
210 | ||
1f426928 SP |
211 | Version 3.14 Tue Dec 6 17:12:03 EST 2005 |
212 | 1. Fixed broken scrolling_list() select attribute. | |
213 | ||
0a9bdad4 SP |
214 | Version 3.13 |
215 | 1. Removed extraneous empty "?" from end of self_url(). | |
216 | ||
217 | Version 3.12 | |
218 | 1. Fixed virtual_port so that it works properly with https protocol. | |
219 | 2. Fixed documentation for upload_hook(). | |
220 | 3. Added POSTDATA documentation. | |
221 | 4. Made upload_hook() work in function-oriented mode. | |
222 | 5. Fixed POST_MAX behavior so that it doesn't cause client to hang. | |
223 | 6. Disabled automatic tab indexes and added new -tabindex pragma to | |
224 | turn automatic indexes back on. | |
225 | 7. The url() and self_url() methods now work better in the context of Apache | |
226 | mod_rewrite. Be advised that path_info() may give you confusing results | |
227 | when mod_rewrite is active because Apache calculates the path info *after* | |
228 | rewriting. This is mostly worked around in url() and self_url(), but you | |
229 | may notice some anomalies. | |
230 | 8. Removed empty (and non-validating) <div> from code emitted by end_form(). | |
231 | 9. Fixed CGI::Carp to work correctly with Mod_perl 1.29 in an Apache 2 environment. | |
232 | 10. Setting $CGI::TMPDIRECTORY should now be effective. | |
233 | ||
7dc108d1 SP |
234 | Version 3.11 |
235 | 1. Killed warning in CGI::Cookie about MOD_PERL_API_VERSION | |
236 | 2. Fixed append() so that it works in function mode. | |
237 | 3. Workaround for a bug that appears in Apache2 versions through 2.0.54 | |
238 | in which SCRIPT_NAME and PATH_INFO are incorrect if the additional path_info | |
239 | contains a double slash. This workaround will handle the common case of | |
240 | http://mysite.com/cgi-bin/log.cgi/http://www.some.other.site/args, but will | |
241 | not handle the uncommon case of a ScriptAlias directive that adds additional | |
242 | path information to the end of the translated URI. | |
243 | ||
70194bd6 NC |
244 | Version 3.10 |
245 | 1. Added Apache2::RequestIO, which is necessary for mp2 interoperability. | |
246 | ||
247 | Version 3.09 | |
248 | 1. Fixed tabindex="0" when using CGI to create forms without a prior start_html | |
249 | 2. Removed warning about non-numeric MOD_PERL_API_VERSION. | |
250 | ||
741ff09d RGS |
251 | Version 3.08 |
252 | 1. update support for mod_perl 2.0. versions prior to | |
253 | mod_perl 1.999_22 (2.0.0-RC5) are no longer supported. | |
254 | ||
976c4ade RGS |
255 | Version 3.07 |
256 | 1. Fixed typo in mod_perl detection. | |
257 | ||
258 | Version 3.06 | |
259 | ||
260 | 1. Fixed bare call to script() in start_html | |
261 | 2. Moved Fh::DESTROY out of autoloaded functions so as to avoid | |
262 | clobbering $@ when CGI functions are executed in an eval{} | |
263 | context. | |
264 | 3. mod_perl 2.0 version detection patch in CGI::Cookie provided by | |
265 | Allen Day. | |
266 | 4. autoEscape() flag is now respected when generating extra | |
267 | attributes. | |
268 | 5. Tests for *tag start/end generation from Shlomi Fish. | |
269 | 6. Support for can() method provided by Ron Savage. | |
270 | 7. Fix for lang='' when outputting XHTML. | |
271 | 8. Added support for chunked transfer encoding, as suggested by | |
272 | Hakan Ardo | |
273 | 9. Fixed clobbering of row and column headers in tableized radio | |
274 | and checkbox groups, as reported by Nicolas Thierry-Mieg. | |
275 | 10. <Label> tags are now associated with form elements, as suggested | |
276 | by accessibility guidelines. | |
277 | 11. The <?xml> directive produced by start_html is now turned off by | |
278 | default and the charset is specified in a <meta> directive. Apparently | |
279 | IE6 (and maybe some versions of Opera) were getting confused by this. | |
280 | 12. Support for tab indexes. | |
281 | 13. Retired the HTML docs. The POD docs are now primary documentation. | |
282 | 14. CGI::Carp now correctly detects and handles Apache::Dispatch. | |
283 | 15. CGI::Util::utf8_chr now correctly sets the UTF8 flag on 5.006 or | |
284 | higher perls (fix courtesy Slaven Rezic). | |
285 | ||
286 | ||
287 | Version 3.05 | |
288 | ||
289 | 1. Fixed uninitialized variable warning on start_form() when running | |
290 | from command line. | |
291 | 2. Fixed CGI::_set_attributes so that attributes with a - are handled | |
292 | correctly. | |
293 | 3. Fixed CGI::Carp::die() so as to avoid problems from _longmess() | |
294 | clobbering @_. | |
295 | 4. If HTTP_X_FORWARDED_HOST is defined (i.e. running under a proxy), | |
296 | the various functions that return HOST will use that instead. | |
297 | 5. Fix for undefined utf8() call in CGI::Util. | |
298 | 6. Changed the call to warningsToBrowser() in | |
299 | CGI::Carp::fatalsToBrowser to call only after HTTP header is sent | |
300 | (thanks to Didier Lebrun for noticing). | |
301 | 7. Patches from Dan Harkless to make CGI.pm validatable against HTML | |
302 | 3.2. | |
303 | 8. Fixed an extraneous "foo=bar" appearing when extra style | |
304 | parameters passed to start_html; | |
305 | 9. Fixed cross-site scripting bug in startform() pointed out by Dan | |
306 | Harkless. | |
307 | 10. Fixed documentation to discuss list context behavior of | |
308 | form-element generators explicitly. | |
309 | 11. Fixed incorrect results from end_form() when called in OO manner. | |
310 | 12. Fixed query string stripping in order to handle URLs containing | |
311 | escaped newlines. | |
312 | 13. During server push, set NPH to 0 rather than 1. This is supposed | |
313 | to fix problems with Apache. | |
314 | 14. Fixed incorrect processing of multipart form fields that contain | |
315 | embedded quotes. There's still the issue of how to handle ones | |
316 | that contain embedded semicolons, but no one has complained (yet). | |
317 | 15. Fixed documentation bug in -style argument to start_html() | |
318 | 16. Added -status argument to redirect(). | |
319 | ||
320 | Version 3.04 | |
321 | ||
322 | 1. Fixed the problem with mod_perl crashing when "defaults" button | |
323 | pressed. | |
324 | ||
325 | Version 3.03 | |
326 | ||
327 | 1. Fix upload hook functionality | |
328 | 2. Workaround for CGI->unescape_html() | |
329 | 3. Bumped version numbers in CGI::Fast and CGI::Util for 5.8.3-tobe | |
330 | ||
331 | Version 3.02 | |
332 | ||
333 | 1. Bring in Apache::Response just in case. | |
334 | 2. File upload on EBCDIC systems now works. | |
335 | ||
336 | Version 3.01 | |
337 | ||
338 | 1. No fix yet for upload failures when running on EBCDIC server. | |
339 | 2. Fixed uninitialized glob warnings that appeared when file | |
340 | uploading under perl 5.8.2. | |
341 | 3. Added patch from Schlomi Fish to allow debugging of PATH_INFO from | |
342 | command line. | |
343 | 4. Added patch from Steve Hay to correctly unlink tmp files under | |
344 | mod_perl/windows | |
345 | 5. Added upload_hook functionality from Jamie LeTaul | |
346 | 6. Workarounds for mod_perl 2 IO issues. Check that file upload and | |
347 | state saving still working. | |
348 | 7. Added code for underreads. | |
349 | 8. Fixed misleading description of redirect() and relative URLs in | |
350 | the POD docs. | |
351 | 9. Workaround for weird interaction of CGI::Carp with Safe module | |
352 | reported by William McKee. | |
353 | 10. Added patches from Ilmari Karonen to improve behavior of | |
354 | CGI::Carp. | |
355 | 11. Fixed documentation error in -style argument. | |
356 | 12. Added virtual_port() method for finding out what port server is | |
357 | listening on in a virtual-host aware fashion. | |
358 | ||
359 | Version 3.00 | |
360 | ||
361 | 1. Patch from Randal Schwartz to fix bug introduced by cross-site | |
362 | scripting vulnerability "fix." | |
363 | 2. Patch from JFreeman to replace UTF-8 escape constant of 0xfe with | |
364 | 0xfc. Hope this is right! | |
365 | ||
366 | Version 2.99 | |
367 | ||
368 | 1. Patch from Steve Hay to fix extra Content-type: appearing on | |
369 | browser screen when FatalsToBrowser invoked. | |
370 | 2. Patch from Ewann Corvellec to fix cross-site scripting | |
371 | vulnerability. | |
372 | 3. Fixed tmpdir routine for file uploading to solve problem that | |
373 | occurs under mod_perl when tmpdir is writable at startup time, but | |
374 | not at session time. | |
375 | ||
376 | Version 2.98 | |
377 | ||
378 | 1. Fixed crash in Dump() function. | |
379 | ||
380 | Version 2.97 | |
381 | ||
382 | 1. Sigh. Uploaded wrong 2.96 to CPAN. | |
383 | ||
384 | Version 2.96 | |
385 | ||
386 | 1. More bugfixes to the -style argument. | |
387 | ||
388 | Version 2.95 | |
389 | ||
390 | 1. Fixed bugs in start_html(-style=>...) support introduced in 2.94. | |
391 | ||
392 | Version 2.94 | |
393 | ||
394 | 1. Removed warning from reset() method. | |
395 | 2. Moved | |
396 | ||
397 | and tags into the :html3 group. Hope this removes undefined CGI::Area | |
398 | errors. | |
399 | ||
400 | Changed CGI::Carp to play with mod_perl2 and to (hopefully) restore | |
401 | reporting of compile-time errors. | |
402 | ||
403 | Fixed potential deadlock between web server and CGI.pm when aborting | |
404 | a read due to POST_MAX (reported by Antti Lankila). | |
405 | ||
406 | Fixed issue with tag-generating function not incorporating content | |
407 | when first variable undef. | |
408 | ||
409 | Fixed cross-site scripting bug reported by obscure. | |
410 | ||
411 | Fixed Dump() function to return correctly formed XHTML - bug | |
412 | reported by Ralph Siemsen. | |
413 | ||
414 | Version 2.93 | |
415 | ||
416 | 1. Fixed embarassing bug in mp1 support. | |
417 | ||
418 | Version 2.92 | |
419 | ||
420 | 1. Fix to be P3P compliant submitted from MPREWITT. | |
421 | 2. Added CGI->r() API for mod_perl1/mod_perl2. | |
422 | 3. Fixed bug in redirect() that was corrupting cookies. | |
423 | 4. Minor fix to behavior of reset() button to make it consistent with | |
424 | submit() button (first time this has been changed in 9 years). | |
425 | 5. Patch from Dan Kogai to handle UTF-8 correctly in 5.8 and higher. | |
426 | 6. Patch from Steve Hay to make CGI::Carp's error messages appear on | |
427 | MSIE browsers. | |
428 | 7. Added Yair Lenga's patch for non-urlencoded postings. | |
429 | 8. Added Stas Bekman's patches for mod_perl 2 compatibility. | |
430 | 9. Fixed uninitialized escape behavior submitted by William Campbell. | |
431 | 10. Fixed tied behavior so that you can pass arguments to tie() | |
432 | 11. Fixed incorrect generation of URLs when the path_info contains + | |
433 | and other odd characters. | |
434 | 12. Fixed redirect(-cookies=>$cookie) problem. | |
435 | 13. Fixed tag generation bug that affects -javascript passed to | |
436 | start_html(). | |
437 | ||
438 | Version 2.91 | |
439 | ||
440 | 1. Attribute generation now correctly respects the value of | |
441 | autoEscape(). | |
442 | 2. Fixed endofrm() syntax error introduced by Ben Edgington's patch. | |
443 | ||
444 | Version 2.90 | |
445 | ||
446 | 1. Fixed bug in redirect header handling. | |
447 | 2. Added P3P option to header(). | |
448 | 3. Patches from Alexey Mahotkin to make CGI::Carp work correctly with | |
449 | object-oriented exceptions. | |
450 | 4. Removed inaccurate description of how to set multiple cookies from | |
451 | CGI::Cookie pod file. | |
452 | 5. Patch from Kevin Mahony to prevent running out of filehandles when | |
453 | uploading lots of files. | |
454 | 6. Documentation enhancement from Mark Fisher to note that the | |
455 | import_names() method transforms the parameter names into valid | |
456 | Perl names. | |
457 | 7. Patch from Dan Harkless to suppress lang attribute in <html> tag | |
458 | if specified as a null string. | |
459 | 8. Patch from Ben Edgington to fix broken XHTML-transitional 1.0 | |
460 | validation on endform(). | |
461 | 9. Custom html header fix from Steffen Beyer (first letter correctly | |
462 | upcased now) | |
463 | 10. Added a -verbatim option to stylesheet generation from Michael | |
464 | Dickson | |
465 | 11. Faster delete() method from Neelam Gupta | |
466 | 12. Fixed broken Cygwin support. | |
467 | 13. Added empty charset support from Bradley Baetz | |
468 | 14. Patches from Doug Perham and Kevin Mahoney to fix file upload | |
469 | failures when uploaded file is a multiple of 4096. | |
470 | ||
471 | Version 2.89 | |
472 | ||
473 | 1. Fixed behavior of ACTION tag when POSTING to a URL that has a | |
474 | query string. | |
475 | 2. Added Patch from Michael Rommel to handle multipart/mixed uploads | |
476 | from Opera | |
477 | ||
478 | Version 2.88 | |
479 | ||
480 | 1. Fixed problem with uploads being refused under Perl 5.8 when under | |
481 | Taint mode. | |
482 | 2. Fixed uninitialized variable warnings under Perl 5.8. | |
483 | 3. Fixed CGI::Pretty regression test failures. | |
484 | ||
485 | Version 2.87 | |
486 | ||
487 | 1. Security hole patched: when processing multipart/form-data | |
488 | postings, most arguments were being untainted silently. Returned | |
489 | arguments are now tainted correctly. This may cause some scripts | |
490 | to fail that used to work (thanks to Nick Cleaton for pointing | |
491 | this out and persisting until it was fixed). | |
492 | 2. Update for mod_perl 2.0. | |
493 | 3. Pragmas such as -no_xhtml are now respected in mod_perl | |
494 | environment. | |
495 | ||
496 | Version 2.86 | |
497 | ||
498 | 1. Fixes for broken CGI::Cookie expiration dates introduced in 2.84. | |
499 | ||
500 | Version 2.85 | |
501 | ||
502 | 1. Fix for broken autoEscape function introduced in 2.84. | |
503 | ||
504 | Version 2.84 | |
505 | ||
506 | 1. Fix for failed file uploads on Cygwin platforms. | |
507 | 2. HTML escaping code now replaced 0x8b and 0x9b with unicode | |
508 | references < and *#8250; | |
509 | ||
510 | Version 2.83 | |
511 | ||
512 | 1. Fixed autoEscape() documentation inconsistencies. | |
513 | 2. Patch from Ville Skyttä to fix a number of XHTML inconsistencies. | |
514 | 3. Added Max-Age to list of CGI::Cookie headers. | |
515 | ||
516 | Version 2.82 | |
517 | ||
518 | 1. Patch from Rudolf Troller to add attribute setting and option | |
519 | groups to form fields. | |
520 | 2. Patch from Simon Perreault for silent crashes when using CGI::Carp | |
521 | under mod_perl. | |
522 | 3. Patch from Scott Gifford allows you to set the program name for | |
523 | CGI::Carp. | |
524 | ||
525 | Version 2.81 | |
526 | ||
527 | 1. Removed extraneous slash from end of stylesheet tags generated by | |
528 | start_html in non-XHTML mode. | |
529 | 2. Changed behavior of CGI::Carp with respect to eval{} contexts so | |
530 | that output behaves properly in mod_perl environments. | |
531 | 3. Fixed default DTD so that it validates with W3C validator. | |
532 | ||
533 | Version 2.80 | |
534 | ||
535 | 1. Fixed broken messages in CGI::Carp. | |
536 | 2. Changed checked="1" to checked="checked" for real XHTML | |
537 | compatibility. | |
538 | 3. Resurrected REQUEST_URI code so that url() works correctly with | |
539 | multiviews. | |
540 | ||
541 | Version 2.79 | |
542 | ||
543 | 1. Changes to CGI::Carp to avoid "subroutine redefined" error | |
544 | messages. | |
545 | 2. Default DTD is now XHTML 1.0 Transitional | |
546 | 3. Patches to support all HTML4 tags. | |
547 | ||
548 | Version 2.78 | |
549 | ||
550 | 1. Added ability to change encoding in <?xml> assertion. | |
551 | 2. Fixed the old escapeHTML('CGI') ne "CGI" bug | |
552 | 3. In accordance with XHTML requirements, there are no longer any | |
553 | minimized attributes, such as "checked". | |
554 | 4. Patched bug which caused file uploads of exactly 4096 bytes to be | |
555 | truncated to 4094 (thanks to Kevin Mahony) | |
556 | 5. New tests and fixes to CGI::Pretty (thanks to Michael Schwern). | |
557 | ||
558 | Version 2.77 | |
559 | ||
560 | 1. No new features, but released in order to fix an apparent CPAN | |
561 | bug. | |
562 | ||
563 | Version 2.76 | |
564 | ||
565 | 1. New esc.t regression test for EBCDIC translations courtesy Peter | |
566 | Prymmer. | |
567 | 2. Patches from James Jurach to make compatible with FCGI-ProcManager | |
568 | 3. Additional fields passed to header() (like -Content_disposition) | |
569 | now honor initial capitalization. | |
570 | 4. Patch from Andrew McNaughton to handle utf-8 escapes (%uXXXX | |
571 | codes) in URLs. | |
572 | ||
573 | Version 2.752 | |
574 | ||
575 | 1. Syntax error in the autoloaded Fh::new() subroutine. | |
576 | 2. Better error reporting in autoloaded functions. | |
577 | ||
578 | Version 2.751 | |
579 | ||
580 | 1. Tiny tweak to filename regular expression function on line 3355. | |
581 | ||
582 | Version 2.75 | |
583 | ||
584 | 1. Fixed bug in server push boundary strings (CGI.pm and CGI::Push). | |
585 | 2. Fixed bug that occurs when uploading files with funny characters | |
586 | in the name | |
587 | 3. Fixed non-XHTML-compliant attributes produced by textfield() | |
588 | 4. Added EPOC support, courtesy Olaf Flebbe | |
589 | 5. Fixed minor XHTML bugs. | |
590 | 6. Made escape() and unescape() symmetric with respect to EBCDIC, | |
591 | courtesy Roca, Ignasi <ignasi.roca@fujitsu.siemens.es> | |
592 | 7. Removed uninitialized variable warning from CGI::Cookie, provided | |
593 | by Atipat Rojnuckarin <rojnuca@yahoo.com> | |
594 | 8. Fixed bug in CGI::Pretty that causes it to print partial end tags | |
595 | when the $INDENT global is changed. | |
596 | 9. Single quotes are changed to character entity ' for compatibility | |
597 | with URLs. | |
598 | ||
599 | Version 2.74 | |
600 | ||
601 | September 13, 2000 | |
602 | 1. Quashed one-character bug that caused CGI.pm to fail on file | |
603 | uploads. | |
604 | ||
605 | Version 2.73 | |
606 | ||
607 | September 12, 2000 | |
608 | 1. Added -base to the list of arguments accepted by url(). | |
609 | 2. Fixes to XHTML support. | |
610 | 3. POST parameters no longer show up in the Location box. | |
611 | ||
612 | Version 2.72 | |
613 | ||
614 | August 19, 2000 | |
615 | 1. Fixed the defaults button so that it works again | |
616 | 2. Charset is now correctly saved and restored when saving to files | |
617 | 3. url() now works correctly when given scripts with %20 and other | |
618 | escapes in the additional path info. This undoes a patch | |
619 | introduced in version 2.47 that I no longer understand the | |
620 | rationale for. | |
621 | ||
622 | Version 2.71 | |
623 | ||
624 | August 13, 2000 | |
625 | 1. Newlines in the value attributes of hidden fields and other form | |
626 | elements are now escaped when using ISO-Latin. | |
627 | 2. Inline script and style sections are now protected as CDATA | |
628 | sections when XHTML mode is on (the default). | |
629 | ||
630 | Version 2.70 | |
631 | ||
632 | August 4, 2000 | |
633 | 1. Fixed bug in scrolling_list() which omitted a space in front of | |
634 | the "multiple" attribute. | |
635 | 2. Squashed the "useless use of string in void context" message from | |
636 | redirects. | |
637 | ||
638 | Version 2.69 | |
639 | ||
640 | 1. startform() now creates default ACTION for POSTs as well as GETs. | |
641 | This may break some browsers, but it no longer violates the HTML | |
642 | spec. | |
643 | 2. CGI.pm now emits XHTML by default. Disable with -no_xhtml. | |
644 | 3. We no longer interpret &#ddd sequences in non-latin character | |
645 | sets. | |
646 | ||
647 | Version 2.68 | |
648 | ||
649 | 1. No longer attempts to escape characters when dealing with non | |
650 | ISO-8861 character sets. | |
651 | 2. checkbox() function now defaults to using -value as its label, | |
652 | rather than -name. The current behavior is what has been | |
653 | documented from the beginning. | |
654 | 3. -style accepts array reference to incorporate multiple stylesheets | |
655 | into document. | |
656 | ||
657 | 1. Fixed two bugs that caused the -compile pragma to fail with a | |
658 | syntax error. | |
659 | ||
660 | Version 2.67 | |
661 | ||
662 | 1. Added XHTML support (incomplete; tags need to be lowercased). | |
663 | 2. Fixed CGI/Carp when running under mod_perl. Probably broke in | |
664 | other contexts. | |
665 | 3. Fixed problems when passing multiple cookies. | |
666 | 4. Suppress warnings from _tableize() that were appearing when using | |
667 | -w switch with radio_group() and checkbox_group(). | |
668 | 5. Support for the header() -attachment argument, which can give | |
669 | pages a default file name when saving to disk. | |
670 | ||
671 | Version 2.66 | |
672 | ||
673 | 1. 2.65 changes in make_attributes() broke HTTP header functions | |
674 | (including redirect), so made it context sensitive. | |
675 | ||
676 | Version 2.65 | |
677 | ||
678 | 1. Fixed regression tests to skip tests that require implicit fork on | |
679 | machines without fork(). | |
680 | 2. Changed make_attributes() to automatically escape any HTML | |
681 | reserved characters. | |
682 | 3. Minor documentation fix in javascript example. | |
683 | ||
684 | Version 2.64 | |
685 | ||
686 | 1. Changes introduced in 2.63 broke param() when retrieving parameter | |
687 | lists containing only a single argument. This is now fixed. | |
688 | 2. self_url() now defaults to returning parameters delimited with | |
689 | semicolon. Use the pragma -oldstyle_urls to get the old "&" | |
690 | delimiter. | |
691 | ||
692 | Version 2.63 | |
693 | ||
694 | 1. Fixed CGI::Push to pull out parameters correctly. | |
695 | 2. Fixed redirect() so that it works with default character set | |
696 | 3. Changed param() so as to returned empty string '' when referring | |
697 | to variables passed in query strings like 'name1=&name2' | |
698 | ||
699 | Version 2.62 | |
700 | ||
701 | 1. Fixed broken ReadParse() function, and added regression tests | |
702 | 2. Fixed broken CGI::Pretty, and added regression tests | |
703 | ||
704 | Version 2.61 | |
705 | ||
706 | 1. Moved more functions from CGI.pm proper into CGI/Util.pm. | |
707 | CGI/Cookie should now be standalone. | |
708 | 2. Disabled per-user temporary directories, which were causing grief. | |
709 | ||
710 | Version 2.60 | |
711 | ||
712 | 1. Fixed junk appearing in autogenerated HTML functions when using | |
713 | object-oriented mode. | |
714 | ||
715 | Version 2.59 | |
716 | ||
717 | 1. autoescape functionality breaks too much existing code, removed | |
718 | it. | |
719 | 2. use escapeHTML() manually | |
720 | ||
721 | Version 2.58 | |
722 | ||
723 | This is the release version of 2.57. | |
724 | ||
725 | Version 2.57 | |
726 | ||
727 | 1. Added -debug pragma and turned off auto reading of STDIN. | |
728 | 2. Default DTD updated to HTML 4.01 transitional. | |
729 | 3. Added charset() method and the -charset argument to header(). | |
730 | 4. Fixed behavior of escapeHTML() to respect charset() and to escape | |
731 | nasty Windows characters (thanks to Tom Christiansen). | |
732 | 5. Handle REDIRECT_QUERY_STRING correctly. | |
733 | 6. Removed use_named_parameters() because of dependency problems and | |
734 | general lameness. | |
735 | 7. Fixed problems with bad HREF links generated by url(-relative=>1) | |
736 | when the url is like /people/. | |
737 | 8. Silenced a warning on upload (patch provided by Jonas Liljegren) | |
738 | 9. Fixed race condition in CGI::Carp when errors occur during parsing | |
739 | (patch provided by Maurice Aubrey). | |
740 | 10. Fixed failure of url(-path_info=>1) when path contains % signs. | |
741 | 11. Fixed warning from CGI::Cookie when receiving foreign cookies that | |
742 | don't use name=value format. | |
743 | 12. Fixed incompatibilities with file uploading on VMS systems. | |
744 | ||
745 | Version 2.56 | |
746 | ||
747 | 1. Fixed bugs in file upload introduced in version 2.55 | |
748 | 2. Fixed long-standing bug that prevented two files with identical | |
749 | names from being uploaded. | |
750 | ||
751 | Version 2.55 | |
752 | ||
753 | 1. Fixed cookie regression test so as not to produce an error. | |
754 | 2. Fixed path_info() and self_url() to work correctly together when | |
755 | path_info() modified. | |
756 | 3. Removed manify warnings from CGI::{Switch,Apache}. | |
757 | ||
758 | Version 2.54 | |
759 | ||
760 | 1. This will be the last release of the monolithic CGI.pm module. | |
761 | Later versions will be modularized and optimized. | |
762 | 2. DOMAIN tag no longer added to cookies by default. This will break | |
763 | some versions of Internet Explorer, but will avoid breaking | |
764 | networks which use host tables without fully qualified domain | |
765 | names. For compatibility, please always add the -domain tag when | |
766 | creating cookies. | |
767 | 3. Fixed escape() method so that +'s are treated correctly. | |
768 | 4. Updated CGI::Pretty module. | |
769 | ||
770 | Version 2.53 | |
771 | ||
772 | 1. Forgot to upgrade regression tests before releasing 2.52. NOTHING | |
773 | ELSE HAS CHANGED IN LIBRARY | |
774 | ||
775 | Version 2.52 | |
776 | ||
777 | 1. Spurious newline in checkbox() routine removed. (courtesy John | |
778 | Essen) | |
779 | 2. TEXTAREA linebreaks now respected in dump() routine. (courtesy | |
780 | John Essen) | |
781 | 3. Patches for DOS ports (courtesy Robert Davies) | |
782 | 4. Patches for VMS | |
783 | 5. More fixes for cookie problems | |
784 | 6. Fix CGI::Carp so that it doesn't affect eval{} blocks (courtesy | |
785 | Byron Brummer) | |
786 | ||
787 | Version 2.51 | |
788 | ||
789 | 1. Fixed problems with cookies not being remembered when sent to IE | |
790 | 5.0 (and Netscape 5.0 too?) | |
791 | 2. Numerous HTML compliance problems in cgi_docs.html; fixed thanks | |
792 | to Michael Leahy | |
793 | ||
794 | Version 2.50 | |
795 | ||
796 | 1. Added a new Vars() method to retrieve all parameters as a tied | |
797 | hash. | |
798 | 2. Untainted tainted tempfile name so that script doesn't fail on | |
799 | terminal unlink. | |
800 | 3. Made picking of upload tempfile name more intelligent so that | |
801 | doesn't fail in case of name collision. | |
802 | 4. Fixed handling of expire times when passed an absolute timestamp. | |
803 | 5. Changed dump() to Dump() to avoid name clashes. | |
804 | ||
805 | Version 2.49 | |
806 | ||
807 | 1. Fixes for FastCGI (globals not getting reset) | |
808 | 2. Fixed url() to correctly handle query string and path under | |
809 | MOD_PERL | |
810 | ||
811 | Version 2.48 | |
812 | ||
813 | 1. Reverted detection of MOD_PERL to avoid breaking PerlEX. | |
814 | ||
815 | Version 2.47 | |
816 | ||
817 | 1. Patch to fix file upload bug appearing in IE 3.01 for | |
818 | Macintosh/PowerPC. | |
819 | 2. Replaced use of $ENV{SCRIPT_NAME} with $ENV{REQUEST_URI} when | |
820 | running under Apache, to fix self-referencing URIs. | |
821 | 3. Fixed bug in escapeHTML() which caused certain constructs, such as | |
822 | CGI->image_button(), to fail. | |
823 | 4. Fixed bug which caused strong('CGI') to fail. Be careful to use | |
824 | CGI::strong('CGI') and not CGI->strong('CGI'). The latter will | |
825 | produce confusing results. | |
826 | 5. Added upload() function, as a preferred replacement for the | |
827 | "filehandle as string" feature. | |
828 | 6. Added cgi_error() function. | |
829 | 7. Rewrote file upload handling to return undef rather than dieing | |
830 | when an error is encountered. Be sure to call cgi_error() to find | |
831 | out what went wrong. | |
832 | ||
833 | Version 2.46 | |
834 | ||
835 | 1. Fix for failure of the "include" tests under mod_perl | |
836 | 2. Added end_multipart_form to prevent failures during qw(-compile | |
837 | :all) | |
838 | ||
839 | Version 2.45 | |
840 | ||
841 | 1. Multiple small documentation fixes | |
842 | 2. CGI::Pretty didn't get into 2.44. Fixed now. | |
843 | ||
844 | Version 2.44 | |
845 | ||
846 | 1. Fixed file descriptor leak in upload function. | |
847 | 2. Fixed bug in header() that prevented fields from containing double | |
848 | quotes. | |
849 | 3. Added Brian Paulsen's CGI::Pretty package for pretty-printing | |
850 | output HTML. | |
851 | 4. Removed CGI::Apache and CGI::Switch from the distribution. | |
852 | 5. Generated start_* shortcuts so that start_table(), end_table(), | |
853 | start_ol(), end_ol(), and so forth now work (see the docs on how | |
854 | to enable this feature). | |
855 | 6. Changed accept() to Accept(), sub() to Sub(). There's still a | |
856 | conflict with reset(), but this will break too many existing | |
857 | scripts! | |
858 | ||
859 | Version 2.43 | |
860 | ||
861 | 1. Fixed problem with "use strict" and file uploads (thanks to Peter | |
862 | Haworth) | |
863 | 2. Fixed problem with not MSIE 3.01 for the power_mac not doing file | |
864 | uploads right. | |
865 | 3. Fixed problem with file upload on IIS 4.0 when authorization in | |
866 | use. | |
867 | 4. -content_type and '-content-type' can now be provided to header() | |
868 | as synonyms for -type. | |
869 | 5. CGI::Carp now escapes the ampersand BEFORE escaping the > and < | |
870 | signs. | |
871 | 6. Fixed "not an array reference" error when passing a hash reference | |
872 | to radio_group(). | |
873 | 7. Fixed non-removal of uploaded TMP files on NT platforms which | |
874 | occurs when server runs on non-C drive (thanks to Steve Kilbane | |
875 | for finding this one). | |
876 | ||
877 | Version 2.42 | |
878 | ||
879 | 1. Too many screams of anguish at changed behavior of url(). Is now | |
880 | back to its old behavior by default, with options to generate all | |
881 | the variants. | |
882 | 2. Added regression tests. "make test" now works. | |
883 | 3. Documentation fixes. | |
884 | 4. Fixes for Macintosh uploads, but uploads STILL do not work pending | |
885 | changes to MacPerl. | |
886 | ||
887 | Version 2.41 | |
888 | ||
889 | 1. url() method now includes the path info. Use script_name() to get | |
890 | it without path info(). | |
891 | 2. Changed handling of empty attributes in HTML tag generation. Be | |
892 | warned! Use table({-border=>undef}) rather than | |
893 | table({-border=>''}). | |
894 | 3. Changes to allow uploaded filenames to be compared to other | |
895 | strings with "eq", "cmp" and "ne". | |
896 | 4. Changes to allow CGI.pm to coexist more peacefully with | |
897 | ActiveState PerlEX. | |
898 | 5. Changes to prevent exported variables from clashing when importing | |
899 | ":all" set in combination with cookies. | |
900 | ||
901 | Version 2.40 | |
902 | ||
903 | 1. CGI::Carp patched to work better with mod_perl (thanks to Chris | |
904 | Dean). | |
905 | 2. Uploads of files whose names begin with numbers or the Windows | |
906 | \\UNC\shared\file nomenclature should no longer fail. | |
907 | 3. The <STYLE> tag (for cascading style sheets) now generates the | |
908 | required TYPE attribute. | |
909 | 4. Server push primitives added, thanks to Ed Jordan. | |
910 | 5. Table and other HTML3 functions are now part of the :standard set. | |
911 | 6. Small documentation fixes. | |
912 | ||
913 | TO DO: | |
914 | 1. Do something about the DTD mess. The module should generate | |
915 | correct DTDs, or at least offer the programmer a way to specify | |
916 | the correct one. | |
917 | 2. Split CGI.pm into CGI processing and HTML-generating modules. | |
918 | 3. More robust file upload (?still not working on the Macintosh?). | |
919 | 4. Bring in all the HTML4 functionality, particular the accessibility | |
920 | features. | |
921 | ||
922 | Version 2.39 | |
923 | ||
924 | 1. file uploads failing because of VMS patch; fixed. | |
925 | 2. -dtd parameter was not being properly processed. | |
926 | ||
927 | Version 2.38 | |
928 | ||
929 | I finally got tired of all the 2.37 betas and released 2.38. The main | |
930 | difference between this version and the last 2.37 beta (2.37b30) are | |
931 | some fixes for VMS. This should allow file upload to work properly on | |
932 | all VMS Web servers. | |
933 | ||
934 | Version 2.37, various beta versions | |
935 | ||
936 | 1. Added a CGI::Cookie::parse() method for lucky mod_perl users. | |
937 | 2. No longer need separate -values and -labels arguments for | |
938 | multi-valued form elements. | |
939 | 3. Added better interface to raw cookies (fix courtesy Ken Fox, | |
940 | kfox@ford.com) | |
941 | 4. Added param_fetch() function for direct access to parameter list. | |
942 | 5. Fix to checkbox() to allow for multi-valued single checkboxes | |
943 | (weird problem). | |
944 | 6. Added a compile() method for those who want to compile without | |
945 | importing. | |
946 | 7. Documented the import pragmas a little better. | |
947 | 8. Added a -compile switch to the use clause for the long-suffering | |
948 | mod_perl and Perl compiler users. | |
949 | 9. Fixed initialization routines so that FileHandle and type globs | |
950 | work correctly (and hash initialization doesn't fail!). | |
951 | 10. Better deletion of temporary files on NT systems. | |
952 | 11. Added documentation on escape(), unescape(), unescapeHTML() and | |
953 | unescapeHTML() subroutines. | |
954 | 12. Added documentation on creating subclasses. | |
955 | 13. Fixed problem when calling $self->SUPER::foo() from inheriting | |
956 | subclasses. | |
957 | 14. Fixed problem using filehandles from within subroutines. | |
958 | 15. Fixed inability to use the string "CGI" as a parameter. | |
959 | 16. Fixed exponentially growing $FILLUNIT bug | |
960 | 17. Check for undef filehandle in read_from_client() | |
961 | 18. Now requires the UNIVERSAL.pm module, present in Perl 5.003_7 or | |
962 | higher. | |
963 | 19. Fixed problem with uppercase-only parameters being ignored. | |
964 | 20. Fixed vanishing cookie problem. | |
965 | 21. Fixed warning in initialize_globals() under mod_perl. | |
966 | 22. File uploads from Macintosh versions of MSIE should now work. | |
967 | 23. Pragmas now preceded by dashes (-nph) rather than colons (:nph). | |
968 | Old style is supported for backward compatability. | |
969 | 24. Can now pass arguments to all functions using {} brackets, | |
970 | resolving historical inconsistencies. | |
971 | 25. Removed autoloader warnings about absent MultipartBuffer::DESTROY. | |
972 | 26. Fixed non-sticky checkbox() when -name used without -value. | |
973 | 27. Hack to fix path_info() in IIS 2.0. Doesn't help with IIS 3.0. | |
974 | 28. Parameter syntax for debugging from command line now more | |
975 | straightforward. | |
976 | 29. Added $DISABLE_UPLOAD to disable file uploads. | |
977 | 30. Added $POST_MAX to error out if POSTings exceed some ceiling. | |
978 | 31. Fixed url_param(), which wasn't working at all. | |
979 | 32. Fixed variable suicide problem in s///e expressions, where the | |
980 | autoloader was needed during evaluation. | |
981 | 33. Removed excess spaces between elements of checkbox and radio | |
982 | groups | |
983 | 34. Can now create "valueless" submit buttons | |
984 | 35. Can now set path_info as well as read it. | |
985 | 36. ReadParse() now returns a useful function result. | |
986 | 37. import_names() now allows you to optionally clear out the | |
987 | namespace before importing (for mod_perl users) | |
988 | 38. Made it possible to have a popup menu or radio button with a value | |
989 | of "0". | |
990 | 39. link() changed to Link() to avoid overriding native link function. | |
991 | 40. Takes advantage of mod_perl's register_cleanup() function to clear | |
992 | globals. | |
993 | 41. <LAYER> and <ILAYER> added to :html3 functions. | |
994 | 42. Fixed problems with private tempfiles and NT/IIS systems. | |
995 | 43. No longer prints the DTD by default (I bet no one will complain). | |
996 | 44. Allow underscores to replace internal hyphens in parameter names. | |
997 | 45. CGI::Push supports heterogeneous MIME types and adjustable delays | |
998 | between pages. | |
999 | 46. url_param() method added for retrieving URL parameters even when a | |
1000 | fill-out form is POSTed. | |
1001 | 47. Got rid of warnings when radio_group() is called. | |
1002 | 48. Cookies now moved to their very own module. | |
1003 | 49. Fixed documentation bug in CGI::Fast. | |
1004 | 50. Added a :no_debug pragma to the import list. | |
1005 | ||
1006 | Version 2.36 | |
1007 | ||
1008 | 1. Expanded JavaScript functionality | |
1009 | 2. Preliminary support for cascading stylesheets | |
1010 | 3. Security fixes for file uploads: | |
1011 | + Module will bail out if its temporary file already exists | |
1012 | + Temporary files can now be made completely private to avoid | |
1013 | peeking by other users or CGI scripts. | |
1014 | 4. use CGI qw/:nph/ wasn't working correctly. Now it is. | |
1015 | 5. Cookie and HTTP date formats didn't meet spec. Thanks to Mark | |
1016 | Fisher (fisherm@indy.tce.com) for catching and fixing this. | |
1017 | ||
1018 | p | |
1019 | ||
1020 | Version 2.35 | |
1021 | ||
1022 | 1. Robustified multipart file upload against incorrect syntax in | |
1023 | POST. | |
1024 | 2. Fixed more problems with mod_perl. | |
1025 | 3. Added -noScript parameter to start_html(). | |
1026 | 4. Documentation fixes. | |
1027 | ||
1028 | Version 2.34 | |
1029 | ||
1030 | 1. Stupid typo fix | |
1031 | ||
1032 | Version 2.33 | |
1033 | ||
1034 | 1. Fixed a warning about an undefined environment variable. | |
1035 | 2. Doug's patch for redirect() under mod_perl | |
1036 | 3. Partial fix for busted inheritence from CGI::Apache | |
1037 | 4. Documentation fixes. | |
1038 | ||
1039 | Version 2.32 | |
1040 | ||
1041 | 1. Improved support for Apache's mod_perl. | |
1042 | 2. Changes to better support inheritance. | |
1043 | 3. Support for OS/2. | |
1044 | ||
1045 | Version 2.31 | |
1046 | ||
1047 | 1. New uploadInfo() method to obtain header information from uploaded | |
1048 | files. | |
1049 | 2. cookie() without any arguments returns all the cookies passed to a | |
1050 | script. | |
1051 | 3. Removed annoying warnings about $ENV{NPH} when running with the -w | |
1052 | switch. | |
1053 | 4. Removed operator overloading throughout to make compatible with | |
1054 | new versions of perl. | |
1055 | 5. -expires now implies the -date header, to avoid clock skew. | |
1056 | 6. WebSite passes cookies in $ENV{COOKIE} rather than | |
1057 | $ENV{HTTP_COOKIE}. We now handle this, even though it's O'Reilly's | |
1058 | fault. | |
1059 | 7. Tested successfully against new sfio I/O layer. | |
1060 | 8. Documentation fixes. | |
1061 | ||
1062 | Version 2.30 | |
1063 | ||
1064 | 1. Automatic detection of operating system at load time. | |
1065 | 2. Changed select() function to Select() in order to avoid conflict | |
1066 | with Perl built-in. | |
1067 | 3. Added Tr() as an alternative to TR(); some people think it looks | |
1068 | better that way. | |
1069 | 4. Fixed problem with autoloading of MultipartBuffer::DESTROY code. | |
1070 | 5. Added the following methods: | |
1071 | + virtual_host() | |
1072 | + server_software() | |
1073 | 6. Automatic NPH mode when running under Microsoft IIS server. | |
1074 | ||
1075 | Version 2.29 | |
1076 | ||
1077 | 1. Fixed cookie bugs | |
1078 | 2. Fixed problems that cropped up when useNamedParameters was set to | |
1079 | 1. | |
1080 | 3. Prevent CGI::Carp::fatalsToBrowser() from crapping out when | |
1081 | encountering a die() within an eval(). | |
1082 | 4. Fixed problems with filehandle initializers. | |
1083 | ||
1084 | Version 2.28 | |
1085 | ||
1086 | 1. Added support for NPH scripts; also fixes problems with Microsoft | |
1087 | IIS. | |
1088 | 2. Fixed a problem with checkbox() values not being correctly saved | |
1089 | and restored. | |
1090 | 3. Fixed a bug in which CGI objects created with empty string | |
1091 | initializers took on default values from earlier CGI objects. | |
1092 | 4. Documentation fixes. | |
1093 | ||
1094 | Version 2.27 | |
1095 | ||
1096 | 1. Small but important bug fix: the automatic capitalization of tag | |
1097 | attributes was accidentally capitalizing the VALUES as well as the | |
1098 | ATTRIBUTE names (oops). | |
1099 | ||
1100 | Version 2.26 | |
1101 | ||
1102 | 1. Changed behavior of scrolling_list(), checkbox() and | |
1103 | checkbox_group() methods so that defaults are honored correctly. | |
1104 | The "fix" causes endform() to generate additional <INPUT | |
1105 | TYPE="HIDDEN"> tags -- don't be surpised. | |
1106 | 2. Fixed bug involving the detection of the SSL protocol. | |
1107 | 3. Fixed documentation error in position of the -meta argument in | |
1108 | start_html(). | |
1109 | 4. HTML shortcuts now generate tags in ALL UPPERCASE. | |
1110 | 5. start_html() now generates correct SGML header: | |
1111 | <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN"> | |
1112 | ||
1113 | 6. CGI::Carp no longer fails "use strict refs" pragma. | |
1114 | ||
1115 | Version 2.25 | |
1116 | ||
1117 | 1. Fixed bug that caused bad redirection on destination URLs with | |
1118 | arguments. | |
1119 | 2. Fixed bug involving use_named_parameters() followed by | |
1120 | start_multipart_form() | |
1121 | 3. Fixed bug that caused incorrect determination of binmode for | |
1122 | Macintosh. | |
1123 | 4. Spelling fixes on documentation. | |
1124 | ||
1125 | Version 2.24 | |
1126 | ||
1127 | 1. Fixed bug that caused generation of lousy HTML for some form | |
1128 | elements | |
1129 | 2. Fixed uploading bug in Windows NT | |
1130 | 3. Some code cleanup (not enough) | |
1131 | ||
1132 | Version 2.23 | |
1133 | ||
1134 | 1. Fixed an obscure bug that caused scripts to fail mysteriously. | |
1135 | 2. Fixed auto-caching bug. | |
1136 | 3. Fixed bug that prevented HTML shortcuts from passing taint checks. | |
1137 | 4. Fixed some -w warning problems. | |
1138 | ||
1139 | Version 2.22 | |
1140 | ||
1141 | 1. New CGI::Fast module for use with FastCGI protocol. See pod | |
1142 | documentation for details. | |
1143 | 2. Fixed problems with inheritance and autoloading. | |
1144 | 3. Added TR() (<tr>) and PARAM() (<param>) methods to list of | |
1145 | exported HTML tag-generating functions. | |
1146 | 4. Moved all CGI-related I/O to a bottleneck method so that this can | |
1147 | be overridden more easily in mod_perl (thanks to Doug MacEachern). | |
1148 | 5. put() method as substitute for print() for use in mod_perl. | |
1149 | 6. Fixed crash in tmpFileName() method. | |
1150 | 7. Added tmpFileName(), startform() and endform() to export list. | |
1151 | 8. Fixed problems with attributes in HTML shortcuts. | |
1152 | 9. Functions that don't actually need access to the CGI object now no | |
1153 | longer generate a default one. May speed things up slightly. | |
1154 | 10. Aesthetic improvements in generated HTML. | |
1155 | 11. New examples. | |
1156 | ||
1157 | Version 2.21 | |
1158 | ||
1159 | 1. Added the -meta argument to start_html(). | |
1160 | 2. Fixed hidden fields (again). | |
1161 | 3. Radio_group() and checkbox_group() now return an appropriate | |
1162 | scalar value when called in a scalar context, rather than | |
1163 | returning a numeric value! | |
1164 | 4. Cleaned up the formatting of form elements to avoid unesthetic | |
1165 | extra spaces within the attributes. | |
1166 | 5. HTML elements now correctly include the closing tag when | |
1167 | parameters are present but null: em('') | |
1168 | 6. Added password_field() to the export list. | |
1169 | ||
1170 | Version 2.20 | |
1171 | ||
1172 | 1. Dumped the SelfLoader because of problems with running with taint | |
1173 | checks and rolled my own. Performance is now significantly | |
1174 | improved. | |
1175 | 2. Added HTML shortcuts. | |
1176 | 3. import() now adheres to the Perl module conventions, allowing | |
1177 | CGI.pm to import any or all method names into the user's name | |
1178 | space. | |
1179 | 4. Added the ability to initialize CGI objects from strings and | |
1180 | associative arrays. | |
1181 | 5. Made it possible to initialize CGI objects with filehandle | |
1182 | references rather than filehandle strings. | |
1183 | 6. Added the delete_all() and append() methods. | |
1184 | 7. CGI objects correctly initialize from filehandles on NT/95 systems | |
1185 | now. | |
1186 | 8. Fixed the problem with binary file uploads on NT/95 systems. | |
1187 | 9. Fixed bug in redirect(). | |
1188 | 10. Added '-Window-target' parameter to redirect(). | |
1189 | 11. Fixed import_names() so that parameter names containing funny | |
1190 | characters work. | |
1191 | 12. Broke the unfortunate connection between cookie and CGI parameter | |
1192 | name space. | |
1193 | 13. Fixed problems with hidden fields whose values are 0. | |
1194 | 14. Cleaned up the documentation somewhat. | |
1195 | ||
1196 | Version 2.19 | |
1197 | ||
1198 | 1. Added cookie() support routines. | |
1199 | 2. Added -expires parameter to header(). | |
1200 | 3. Added cgi-lib.pl compatability mode. | |
1201 | 4. Made the module more configurable for different operating systems. | |
1202 | 5. Fixed a dumb bug in JavaScript button() method. | |
1203 | ||
1204 | Version 2.18 | |
1205 | ||
1206 | 1. Fixed a bug that corrects a hang that occurs on some platforms | |
1207 | when processing file uploads. Unfortunately this disables the | |
1208 | check for bad Netscape uploads. | |
1209 | 2. Fixed bizarre problem involving the inability to process uploaded | |
1210 | files that begin with a non alphabetic character in the file name. | |
1211 | 3. Fixed a bug in the hidden fields involving the -override directive | |
1212 | being ignored when scalar defaults were passed. | |
1213 | 4. Added documentation on how to disable the SelfLoader features. | |
1214 | ||
1215 | Version 2.17 | |
1216 | ||
1217 | 1. Added support for the SelfLoader module. | |
1218 | 2. Added oodles of JavaScript support routines. | |
1219 | 3. Fixed bad bug in query_string() method that caused some parameters | |
1220 | to be silently dropped. | |
1221 | 4. Robustified file upload code to handle premature termination by | |
1222 | the client. | |
1223 | 5. Exported temporary file names on file upload. | |
1224 | 6. Removed spurious "uninitialized variable" warnings that appeared | |
1225 | when running under 5.002. | |
1226 | 7. Added the Carp.pm library to the standard distribution. | |
1227 | 8. Fixed a number of errors in this documentation, and probably added | |
1228 | a few more. | |
1229 | 9. Checkbox_group() and radio_group() now return the buttons as | |
1230 | arrays, so that you can incorporate the individual buttons into | |
1231 | specialized tables. | |
1232 | 10. Added the '-nolabels' option to checkbox_group() and | |
1233 | radio_group(). Probably should be added to all the other | |
1234 | HTML-generating routines. | |
1235 | 11. Added the url() method to recover the URL without the entire query | |
1236 | string appended. | |
1237 | 12. Added request_method() to list of environment variables available. | |
1238 | 13. Would you believe it? Fixed hidden fields again! | |
1239 | ||
1240 | Version 2.16 | |
1241 | ||
1242 | 1. Fixed hidden fields yet again. | |
1243 | 2. Fixed subtle problems in the file upload method that caused | |
1244 | intermittent failures (thanks to Keven Hendrick for this one). | |
1245 | 3. Made file upload more robust in the face of bizarre behavior by | |
1246 | the Macintosh and Windows Netscape clients. | |
1247 | 4. Moved the POD documentation to the bottom of the module at the | |
1248 | request of Stephen Dahmen. | |
1249 | 5. Added the -xbase parameter to the start_html() method, also at the | |
1250 | request of Stephen Dahmen. | |
1251 | 6. Added JavaScript form buttons at Stephen's request. I'm not sure | |
1252 | how to use this Netscape extension correctly, however, so for now | |
1253 | the form() method is in the module as an undocumented feature. Use | |
1254 | at your own risk! | |
1255 | ||
1256 | Version 2.15 | |
1257 | ||
1258 | 1. Added the -override parameter to all field-generating methods. | |
1259 | 2. Documented the user_name() and remote_user() methods. | |
1260 | 3. Fixed bugs that prevented empty strings from being recognized as | |
1261 | valid textfield contents. | |
1262 | 4. Documented the use of framesets and added a frameset example. | |
1263 | ||
1264 | Version 2.14 | |
1265 | ||
1266 | This was an internal experimental version that was never released. | |
1267 | ||
1268 | Version 2.13 | |
1269 | ||
1270 | 1. Fixed a bug that interfered with the value "0" being entered into | |
1271 | text fields. | |
1272 | ||
1273 | Version 2.01 | |
1274 | ||
1275 | 1. Added -rows and -columns to the radio and checkbox groups. No | |
1276 | doubt this will cause much grief because it seems to promise a | |
1277 | level of meta-organization that it doesn't actually provide. | |
1278 | 2. Fixed a bug in the redirect() method -- it was not truly HTTP/1.0 | |
1279 | compliant. | |
1280 | ||
1281 | Version 2.0 | |
1282 | ||
1283 | The changes seemed to touch every line of code, so I decided to bump | |
1284 | up the major version number. | |
1285 | 1. Support for named parameter style method calls. This turns out | |
1286 | to be a big win for extending CGI.pm when Netscape adds new HTML | |
1287 | "features". | |
1288 | 2. Changed behavior of hidden fields back to the correct "sticky" | |
1289 | behavior. This is going to break some programs, but it is for | |
1290 | the best in the long run. | |
1291 | 3. Netscape 2.0b2 broke the file upload feature. CGI.pm now handles | |
1292 | both 2.0b1 and 2.0b2-style uploading. It will probably break again | |
1293 | in 2.0b3. | |
1294 | 4. There were still problems with library being unable to distinguish | |
1295 | between a form being loaded for the first time, and a subsequent | |
1296 | loading with all fields blank. We now forcibly create a default | |
1297 | name for the Submit button (if not provided) so that there's | |
1298 | always at least one parameter. | |
1299 | 5. More workarounds to prevent annoying spurious warning messages | |
1300 | when run under the -w switch. -w is seriously broken in perl | |
1301 | 5.001! | |
1302 | ||
1303 | Version 1.57 | |
1304 | ||
1305 | 1. Support for the Netscape 2.0 "File upload" field. | |
1306 | 2. The handling of defaults for selected items in scrolling lists and | |
1307 | multiple checkboxes is now consistent. | |
1308 | ||
1309 | Version 1.56 | |
1310 | ||
1311 | 1. Created true "pod" documentation for the module. | |
1312 | 2. Cleaned up the code to avoid many of the spurious "use of | |
1313 | uninitialized variable" warnings when running with the -w switch. | |
1314 | 3. Added the autoEscape() method. v | |
1315 | 4. Added string interpolation of the CGI object. | |
1316 | 5. Added the ability to pass additional parameters to the <BODY> tag. | |
1317 | 6. Added the ability to specify the status code in the HTTP header. | |
1318 | ||
1319 | Bug fixes in version 1.55 | |
1320 | ||
1321 | 1. Every time self_url() was called, the parameter list would grow. | |
1322 | This was a bad "feature". | |
1323 | 2. Documented the fact that you can pass "-" to radio_group() in | |
1324 | order to prevent any button from being highlighted by default. | |
1325 | ||
1326 | Bug fixes in version 1.54 | |
1327 | ||
1328 | 1. The user_agent() method is now documented; | |
1329 | 2. A potential security hole in import() is now plugged. | |
1330 | 3. Changed name of import() to import_names() for compatability with | |
1331 | CGI:: modules. | |
1332 | ||
1333 | Bug fixes in version 1.53 | |
1334 | ||
1335 | 1. Fixed several typos in the code that were causing the following | |
1336 | subroutines to fail in some circumstances | |
1337 | 1. checkbox() | |
1338 | 2. hidden() | |
1339 | 2. No features added | |
1340 | ||
1341 | New features added in version 1.52 | |
1342 | ||
1343 | 1. Added backslashing, quotation marks, and other shell-style escape | |
1344 | sequences to the parameters passed in during debugging off-line. | |
1345 | 2. Changed the way that the hidden() method works so that the default | |
1346 | value always overrides the current one. | |
1347 | 3. Improved the handling of sticky values in forms. It's now less | |
1348 | likely that sticky values will get stuck. | |
1349 | 4. If you call server_name(), script_name() and several other methods | |
1350 | when running offline, the methods now create "dummy" values to | |
1351 | work with. | |
1352 | ||
1353 | Bugs fixed in version 1.51 | |
1354 | ||
1355 | 1. param() when called without arguments was returning an array of | |
1356 | length 1 even when there were no parameters to be had. Bad bug! | |
1357 | Bad! | |
1358 | 2. The HTML code generated would break if input fields contained the | |
1359 | forbidden characters ">< or &. You can now use these characters | |
1360 | freely. | |
1361 | ||
1362 | New features added in version 1.50 | |
1363 | ||
1364 | 1. import() method allows all the parameters to be imported into a | |
1365 | namespace in one fell swoop. | |
1366 | 2. Parameters are now returned in the same order in which they were | |
1367 | defined. | |
1368 | ||
1369 | Bugs fixed in version 1.45 | |
1370 | ||
1371 | 1. delete() method didn't work correctly. This is now fixed. | |
1372 | 2. reset() method didn't allow you to set the name of the button. | |
1373 | Fixed. | |
1374 | ||
1375 | Bugs fixed in version 1.44 | |
1376 | ||
1377 | 1. self_url() didn't include the path information. This is now fixed. | |
1378 | ||
1379 | New features added in version 1.43 | |
1380 | ||
1381 | 1. Added the delete() method. | |
1382 | ||
1383 | New features added in version 1.42 | |
1384 | ||
1385 | 1. The image_button() method to create clickable images. | |
1386 | 2. A few bug fixes involving forms embedded in <PRE> blocks. | |
1387 | ||
1388 | New features added in version 1.4 | |
1389 | ||
1390 | 1. New header shortcut methods | |
1391 | + redirect() to create HTTP redirection messages. | |
1392 | + start_html() to create the HTML title, complete with the | |
1393 | recommended <LINK> tag that no one ever remembers to include. | |
1394 | + end_html() for completeness' sake. | |
1395 | 2. A new save() method that allows you to write out the state of an | |
1396 | script to a file or pipe. | |
1397 | 3. An improved version of the new() method that allows you to restore | |
1398 | the state of a script from a file or pipe. With (2) this gives you | |
1399 | dump and restore capabilities! (Wow, you can put a "121,931 | |
1400 | customers served" banner at the bottom of your pages!) | |
1401 | 4. A self_url() method that allows you to create state-maintaining | |
1402 | hypertext links. In addition to allowing you to maintain the state | |
1403 | of your scripts between invocations, this lets you work around a | |
1404 | problem that some browsers have when jumping to internal links in | |
1405 | a document that contains a form -- the form information gets lost. | |
1406 | 5. The user-visible labels in checkboxes, radio buttons, popup menus | |
1407 | and scrolling lists have now been decoupled from the values sent | |
1408 | to your CGI script. Your script can know a checkbox by the name of | |
1409 | "cb1" while the user knows it by a more descriptive name. I've | |
1410 | also added some parameters that were missing from the text fields, | |
1411 | such as MAXLENGTH. | |
1412 | 6. A whole bunch of methods have been added to get at environment | |
1413 | variables involved in user verification and other obscure | |
1414 | features. | |
1415 | ||
1416 | Bug fixes | |
1417 | ||
1418 | 1. The problems with the hidden fields have (I hope at last) been | |
1419 | fixed. | |
1420 | 2. You can create multiple query objects and they will all be | |
1421 | initialized correctly. This simplifies the creation of multiple | |
1422 | forms on one page. | |
1423 | 3. The URL unescaping code works correctly now. |