------------------------------------------------------------------- Thu May 20 16:02:44 CEST 2010 - anicka@suse.cz - fixed filename vulnerability in lwp-download (bnc#606321) ------------------------------------------------------------------- Wed Jan 13 16:40:12 CET 2010 - anicka@suse.cz - update to 5.834 * Check for sane default_headers argument [RT#50393] * Add $ua->local_address attribute [RT#40912] * Test that generation of boundary works [RT#49396] * Page does not display the "standard" apache listing any more * Remove unneeded executable permissions. * Switch compression/decompression to use the IO::Compress/IO::Uncompress and * Compress::Raw::Zlib family of modules. * lwp-request should use stderr for auth [RT#21620] * Deal with cookies that expire far into the future [RT#50147] * Deal with cookies that expire at or before epoch [RT#49467] * Pass separate type for https to LWP::ConnCache [RT#48899] * Improved handling of the User-Agent header [RT#48461] * HTTP::Cookies add_cookie_header previous Cookies [RT#46106] * Improve diagnostics from LWP::UserAgent::mirror [RT#48869] * mirror should die in case X-Died is set [RT#48236] * Increase default Net::HTTP max line length to 8k. * Fix net test suite. * Comment spelling fixes. * Fix links to old Netscape cookie specification. * Documentation spelling fixes. * Improve max line length exceeded/read error messages. * Do not warn about seemingly wellformed but unrecognized robots.txt lines. * $mess->content_charset would fail for empty content * Further restrict what variables env_proxy() process * Fix bzip2 content encoding/decoding. * send_te() doc grammar fix. * Document time2str() behavior with an undefined argument. * HTML::Message's content_charset trigger warnings from HTML::Parser [RT#48621] ------------------------------------------------------------------- Tue Aug 4 18:45:30 CEST 2009 - anicka@suse.cz - update to 5.830 * This release removes callback handlers that were left over on the returned HTTP::Responses. This was problematic because it created reference loops preventing the Perl garbage collector from releasing their memory. Another problem was that Storable by default would not serialize these objects any more. * This release also adds support for locating HTML::Form inputs by id or class attribute; for instance $form->value("#foo", 42) will set the value on the input with the ID of "foo". * bugfixes ------------------------------------------------------------------- Sat Jul 25 19:40:37 CEST 2009 - chris@computersalat.de - spec mods * removed ^---------- * removed ^#--------- ------------------------------------------------------------------- Sun Jun 28 20:23:52 CEST 2009 - chris@computersalat.de - update to 5.828 * Less noisy behaviour when we can't download the documents * Restore perl-5.6 compatiblity [RT#47054] * Don't decode US-ASCII and ISO-8859-1 content * Some versions of Encode don't support UTF-16-BE [RT#47152] * Spelling fixes. - update to 5.827 * Added lwp-dump script * Replace calls to $req->url with $req->uri * Also need to encode strings in the latin1 range * Ignore the value set for file inputs [RT#46911] * Add docs to lwp-dump * Don't let lwp-dump follow redirects * Support --method options * Implement the --agent option * Dictionary order for the option docs; document --method * Merge branch 'dump' * Files are passed as an array and we must not stringify it. * Add content_charset method to HTTP::Message * Start guessing the charset for a message * Let content_charset guess the charset to use for decoded_content * Specify what's missing for the XML and HTML case * Provide charset parameter for HTML::Form->parse() * Make content_charset sniff for elements specifying the charset. * Determine charset of XML documents * Get rid of the _trivial_http_get() implementation * Update the bundled media.types file * LWP::Simple::get() now returns decoded_content [RT#44435] * Implement content_type_charset method for HTTP::Headers * Implement content_is_text method for HTTP::Headers * Make use of content_is_text and content_type_charset in decoded_content * Don't let the parse_head callback append to the HTTP headers * Don't set Range header on request when max_size is used [RT#17208] * Still show client headers for internal responses * Document Client-Warning: Internal response * Don't use 'no' as example domain for no_proxy docs [RT#43728] * Drop exit from the Makefile.PL [RT#43060] * Merge branch 'content_charset' * Support "accept-charset" attribute in HTML::Form * new tests for max_size and 206 responses [RT#46230] * Reformulation of Client-Warning: Internal documentation - added perl-macros o autogen filelist with perl_gen_filelist - spec mods o fixed deps ------------------------------------------------------------------- Tue Apr 28 13:37:15 CEST 2009 - anicka@suse.cz - update to 5.826 * Avoid returning stale Content-Type header after message parts have been updated * Don't let content saved to file be affected by the $\ setting * Issues around multipart boundaries * Ignore random _proxy env variables, allow only valid schemes * README.SSL is not anymore available at the linpro.no URL. * Make LWP::UserAgent constructor honor the default_headers option ------------------------------------------------------------------- Mon Feb 23 16:18:38 CET 2009 - anicka@suse.cz - update to 5.825 * Fixup test failure with perl-5.8.8 and older; qr/$/m doesn't work * Make format_request() ensure that it returns bytes [RT#42396] * Force bytes in all the format_* methods. * Ignore Sitemap: lines in robots.txt [RT#42420] * Refactor; use variable to hold the test port * Add redirects method to HTTP::Message * Setting $ua->max_redirect(0) didn't work [RT#40260] * Convert files to UTF-8 * HTTP::Cookies destructor should not clobber $! and other globals. * Deal with the Encode module distributed with perl-5.8.0 * Avoid failure if 127.0.0.1:8333 is in use [RT#42866] * Documentation improvements, spelling fixes. ------------------------------------------------------------------- Tue Jan 20 15:59:08 CET 2009 - anicka@suse.cz - update to 5.823 * Bring back the LWP::Debug code * Add documentation section about 'Network traffic monitoring'. * Typo fixes * Want to ensure we get a single value back here. ------------------------------------------------------------------- Sat Dec 20 07:00:37 CET 2008 - coolo@suse.de - update to 5.822 Various bug fixes Should store "wire" headers field names with _ without translation. Test HTTP::Request->parse(). Rename the HTTP::Status constants to have HTTP_ prefix Add strict mode to HTML::Form Add content_is_xml method Make split_header_words() lower case returned tokens/keys Add decode() method to HTTP::Message Add encode() method to HTTP::Message Allow multiple fields to be set with push_header(). Faster push_header() Add dump method to HTTP::Message. Add support for x-bzip2 encoding; fix bzip2 decoding. Add send_header method to HTTP::Daemon Make the lwp-request User-Agent string include the LWP version. Calculation of current_age with missing Client-Date. More correct matching of 'max-age' in freshness_lifetime method The freshness_lifetime method now support options to control its heuristics The Content-Length and Content-MD5 headers are no longer valid after encode/decode Skip LWP test when fork() is unimplemented A more modern user_agent example. Make it possible to unset the proxy settings again Deprecate LWP::Debug ------------------------------------------------------------------- Mon Nov 17 11:25:31 CET 2008 - lnussel@suse.de - fix https losing characters (bnc#445601, http://rt.cpan.org/Public/Bug/Display.html?id=40187) ------------------------------------------------------------------- Mon Oct 6 15:08:10 CEST 2008 - anicka@suse.cz - update to 5.816 * Add missing binmode() * Doc tweaks * We don't need to build the docs to run the tests. * Style tweaks. * The jigsaw service isn't up to much good these days. * HTTP::Cookies produces warnings for undefined cookie param names * Typo fix; HTTP::Message will never include x-bzip2 in Accept-Encoding * Added HTTP::Config module * Add methods to configure processing handlers. * 100 Continue response not complete. * Use 3-arg open when response content to files. * Make the show_progress attribute official (by documenting it). * Start using handlers for driving the inner logic of LWP::UserAgent. * Expose the content_is_html and content_is_xhtml methods from HTTP::Headers. * Make credentials method able to get/set values. * An auth handler per realm. * Match proxy setting for request. * Set up separate handler for adding proxy authentication. * Add request_preprepare to be able to initialize proxy early enough. * Smarter get_my_handler() that can also create handlers. * Refactor; introduce run_handlers method * Pass in handler hash to the handler callback. * Don't let version=1 override behaviour if specified with a plan Set-Cookie header. * Remove handler when we don't have a username/password for the realm. * Make tests use Test.pm * Double-check that username or password has changed after a failed login. * Update Digest Authen to subclass Basic. * Avoid running out of filehandles with DYNAMIC_FILE_UPLOAD. * Fixed parsing of header values starting with ':' * Documentation typo fixes ------------------------------------------------------------------- Fri Jul 25 15:17:53 CEST 2008 - anicka@suse.cz - update to 5.814 * Typo fix. * Add HTTP::Message::decodable() * Use decoded_content in the synposis * Avoid adding an empty first part in $mess->add_part() * Get rid of all the manual dependency tests. * Simplify the Makefile.PL (no interactivity) * Provide DELETE method in HTTP::Request::Common * Checkbox picks up nearby text in description of alternates * HTML::Form::possible_values() should not returned disabled values * File::Listing documentation claimed only 'unix' format was supported * File::Listing only support English locales * Make common-req.t use Test.pm * Typo; CAN_TALK_TO_OUTSELF * Fix up File::Listings fallback to dosftp * File::Listing parse failure on BSD Linux based systems ------------------------------------------------------------------- Thu Jun 19 16:40:18 CEST 2008 - anicka@suse.cz - update to 5.813 * RobotUA constructor ignores delay, use_sleep * Add HTTP::Response->filename * Better diagnostics when the HTML::TokeParser constructor fails * Multiple forms with same-named