WebServer-specific changes

Roxen improvements:

• Set MIME message boundary prefix when starting Roxen. [WS-252]

Pike improvements:

• [NT] Fixed FD_SETSIZE order. This will fix the issue with "too many open files" or "Open of [filename] failed. Permission denied" on Windows NT.[PIKE-100]

WebServer-specific changes

Administration Interface improvements:

• Misc appearance improvements
• Improved handling of backups

Modules improvements:

• Added Cutom Header module
• Redirect Module can now load redirects from Roxen's virtual filesystem

Patch system improvements:

• RoxenPatch: Make the module usable stand-alone again

Protocols improvements:

• WebDAV: DELETE should also delete corresponding locks
• WebDAV: Extended API for find_locks()
• FTP: Various improvements

RXML improvements:

• Added attribute link-rel to <wash-html>
• Added support for URL:s with anchor or query string to <serve-static-resources>

Roxen improvements:

• Wizards: Set the secure flag on RoxenWizardId cookie if https
• Configuration REST API v2
• Start script: Added option --mysql-only
• Roxen can now be installed in batch mode, without any user interaction
• New function RequestID->client_scheme() [CMS-297]

Pike releases:

• Pike 8.0.498

WebServer-specific changes

Administration Interface improvements:

• DB Browser: Handle removed configurations
• SNMP: Added overview statistics for CacheManager [WS-19]
• SNMP: Added fields for the RAM-cache [WS-3]

Logging improvements:

• Log GC time in msec instead of usec for easier reading

Modules improvements:

• New module: recaptcha.pike <if#recaptcha-verify/>
• JS-support: Added ROXEN.getQueryVariable()
• JS-support: Added info(), warn() and error()
• CGI [Pike 8.0]: Fix parsing of header block [bug 7829]
• Host Redirect: Updated default ignore paths for new editor
• Host Redirect: Fixed internal redirects combined with %p [roxen.com #28484]
• Index files only: Don't redirect to internal path [roxen.com #28397]
• Proxies: The HTTP proxy module should now work as intended again [WS-16]

Patch system improvements:

• git-rxnpatch: Fixed .distignore handling
• git-rxnpatch: Fixed some option name typos [WS-58]
• git-rxnpatch: Added support for filename remapping [WS-58]
• git-rxnpatch: Added option --path-remap-rule [WS-58]
• git-rxnpatch: Workaround for git-diff quoting bug [IS-35]
• git-rxnpatch: More fixes to the ident verifier
• RoxenPatch: Fixed HTTPS URL validation check
• PoxenPatch: Request and check cluster checksums [WS-49]
• RoxenPatch: Privs-related fixes [WS-42]
• RoxenPatch: Improved support for non-gnu tar [WS-38]
• PatchPatch: Survive more failure conditions [WS-34]
• RoxenPatch: Use Privs for saving uploaded patches [WS-34],[WS-35]
• RoxenPatch: The installation log file is now in UTF-8 [WS-29]
• RoxenPatch: Use a version-dependent tmp directory for patch clusters [WS-10]

Protocols improvements:

• HTTP: Don't protocol cache the Set-Cookie header [WS-25]
• HTTPClient: Added content-length header (if missing) if method is POST
• FTP: Censor password when sent to roxen.handle()
• SNMP: Perform work in a handler thread

RXML improvements:

• Remove line feeds from the 'base64' encoding and add 'base64mime' with old behavior [WS-43] COMPAT NOTE
• <insert#cached-href>: Added support for custom request-headers
• <insert#href>: Don't destruct Query object prematurely
• <ldap>, <emit#ldap>: Support specifying TLS implementation level [WS-51]
• <cache>: Fixed error leaving stale content in RAM cache
• <value>: Improved type DWIM [WS-37]
• RXML.Value: Support nested scopes in rxml_var_eval() [WS-33]
• RXML.Context: Support dotted scope_name in parse_user_var() [WS-33]

Roxen improvements:

• Update cache_register() to accept new prefs object for existing caches. Use the new setting to avoid warning in 'RXML <cache> eval'
• Add %q to strftime for output of quarter number (1-4)
• DBManager: Improved robustness of DB upgrade code [WS-60]
• DBManager: Reduce critical zones holding sq_cache_lock() [WS-28]
• Loader: Move Privs to roxenloader [WS-32], [WS-34], [WS-35]
• RAM Cache: Added byte_add_count to CacheManager [WS-19]
• RAM Cache: Fixed race condition on rebalancing
• RAM Cache: Fixed accounting when replacing an entry
• RAM Cache: Fixed size calculation bug when replacing an entry [WS-20]
• RAM Cache: Perform entry size calculation and evictions asynchronously
• RAM Cache: Fix division by zero that could occur at startup due to race
• RAM Cache: Use an ADT.Heap instead of a multiset [bug 7727]

Miscellaneous improvements:

• AFS: post_files: Prevent full local path as filename [CMS-247]
• AFS: Detect content type mismatch in response
• AFS: Added option to enable debug via '__afs-debug' query variable

Pike releases:

• Pike 8.0.466
• Pike 8.0.438

WebServer-specific changes

APIs improvements:

• Variable.MultipleChoice: Support conversion to/from multiselect

Administration Interface improvements:

• Compat: Add compat level for Roxen 6.1
• Only show the selected SNMP sub-tree
• RoxenPatch: New files may now force overwrites
• FSGC: Added support for quarantining instead of deleting

Logging improvements:

• Modify log timestamps to always print absolute time, and to display uptime every 5 lines.

Modules improvements:

• XML DB Mirror: Now also a feed import backend

RXML improvements:

• Small doc update for <if#module>
• Session tag: Fixed failure to set session cookie

Pike releases:

• Pike 8.0.404
• Pike 8.0.388
• Pike 8.0.370
• Pike 8.0.358

WebServer-specific changes

APIs improvements:

• DBManager.SqlFileSplitIterator: Improved performance.
• Add language-aware imploding of string lists.
• New module: HTTPClient.
• Variable.MultipleChoice: Added multiselect mode.
• Added ROXEN.basename().
• ImageCache: Cast atime as SIGNED to avoid errors with some MySQL versions.
• JS-support: Added deepCompare() that checks two JavaScript values recursively for equality.
• JS-support: Added ROXEN.arrayUnique().
• JS-support: Added ROXEN.AFS.post_files() which can send FileList objects directly to the server.
• JS-support: Added ROXEN.dirname().
• JS-support: Added simple YUI style combo loader
• JS-support: Allow ROXEN.AFS.post() to send a form ID to YUI for encoding.
• JS-support: AFS: Add code for throttling and duplicate removal,
• JS-support: AFS: Added function to detect if init() has been called.
• JS-Support: Improve protocol caching for static resources.
• New logging feature: JSON logging.
• New module: REST API for Administration Interface.
• Add a few (custom and glibc-inspired) modifiers to strftime.
• Protocol Cache: Assume that vary is supported by all.
• Protocols: Added StartTLSProtocol.
• ImageCache: Add an expires header.

Administation Interface improvements:

• Make various input fields larger.
• Logging: Added log pattern $cipher-suite.
• Logging: Added log pattern $link-layer.
• Logging: Remove log notices after 7 days. Fixes [bug 6950].
• Logging: Don't use <imgs> for site/module log entry icons since that scales badly with long logs.
• Include protocol cache stats in Cache Status wizard. Improve wizard presentation to make it easier to interpret data.
• Config IF: Fixed a redirect loop.
• Config IF: Join the tabs "Auto {Restart,Patching}" to "Auto Maintenance".
• SSL: Generate RSA/SHA256 certificates.
• Display (direct) object memory usage on memory usage page.
• DB-browser: Support queries returning multiple result sets.
• DB-browser: Default the copy or rename action to rename.
• DB-browser: Reorder Ok/Cancel buttons.

Modules improvements:

• New module: Filesystem Proxy.
• XML DB Mirror: Now also a feed import backend.
• UserDB: Support UTF8 in the user database.
• UserDB: Cache user name lookups for 60 seconds.
• Relay2: Added the possibillity to add additional response headers.
• auth_httpcookie: Support year 2037 and beyond.
• auth_httpcookie: Timeout cookies after a year.
• auth_httpcookie: Use SHA1 to generate the cookie.
• CGI: Send Connection: close.
• CGI: Support HEAD. Fixes [bug 4616].
• Email: Improved support for Unicode attachments.
• Perform negative caching of (typically) htaccess files for 5 seconds.

Patch system improvements:

• Complain but proceed when the CA list is empty.
• Use HTTPS to fetch the patch cluster.
• Rename the "Update Client" permission to "Apply Patches".
• Added option to automatically install patches on restart.
• Added support for automatic fetch of patch clusters.

Protocols improvements:

• Extensions: *.gz and *.bz2 et al are content-types. [bug 7691]
• Attempt to use protocol cache for certain authenticated resources as well.
• Init: Make sure that the default certificates don't use SHA1.
• Init: Create the default certificates in the correct place.
• SSL: Hide the "SSL key file" variable if empty.
• SSL: Change default minimum suite to TLS 1.0.
• Pike 8.0 [SSL]: Support ipless with https.
• Pike 8.0 [SSL]: Support multiple certificates with the same key.
• SSL: Updated estimated cipher strengths.
• FTP: Enable handler threads by default.
• FTP: Allow anonymous ftp without TLS even when TLS required.
• FTP: Added support for the CCC command.
• FTP: Default to PROT P for FTPS.
• FTP: Allow FEAT before login.
• FTP: Extended AUTH TLS config option.
• FTP: Support ending the TLS control connection with REIN.
• FTP: Added configuration flag to require AUTH TLS.
• FTP: Support AUTH TLS (RFC 4217).

RXML improvements:

• Added entity .
• Add :base64url and :-base64url RXML encoding/decoding.
• <force-session-id/> now supports httponly and secure flags.
• Wizards: Added RoxenWizardId cookie to protect against CSRF.
• <expire-time/>: Set Cache-Control: max-age. [bug 7535]
• Added quite a few predicate functions to sexpr.
• SqlTags: Support queries returning multiple result sets.
• <emit#values>: Use a stable output order.
• <insert#href>: Added support for PUT and DELETE [bug 7179].
• Allow RXML expressions to call basename() and dirname() for faster path manipulation.

Roxen improvements:

• Changed database from MySQL to MariaDB 10.1.12.
• Speed up scanning for module and pike-module directories by excluding some more items (e.g. ".git" and "node_modules").
• Core: Load demand-loaded modules from handler threads. [bug 7782]
• Threads: Improved robustness for describe_all_threads(). [bug 7642]
• Start: Added --without-daemon. [bug 7488]
• Config: If the primary configuration file is lost, try the backups.
• Config: Flush configuration files to disc before renaming them.
• Logging: Default to dated access logfiles.
• Logging: Default to compressing log files.
• Require Pike 8.0 for Roxen 6.0 and later.
• DBManager: Add an innodb-data-file-path entry to my.cfg.
• MySQL: Detect and support MariaDB.
• MySQL: Set the default storage engine to MyISAM.
• MySQL: Bump the required MySQL version to 5.5.
• Site-Templates: Added support for packages.
• Pike 8.0: Upgrade old automatic X.509v1 certs to X.509v3.

Pike releases:

• Pike 8.0.276
• Pike 8.0.240
• Pike 8.0.182
• Pike 8.0.164