perl-announce mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <>
Subject [ANNOUNCE] Apache HTTP Server Request Library 2.04-dev Released
Date Mon, 30 Aug 2004 21:08:24 GMT

        Apache HTTP Server Request Library 2.04-dev Released

The Apache Software Foundation and The Apache HTTP Server Project
are pleased to announce the 2.04-dev release of libapreq2.  This
Announcement notes significant changes introduced by this release.

The package libapreq2-2.04_03-dev.tar.gz is released under the Apache License
version 2.0.  It is now available through the ASF mirrors

and has entered the CPAN as 

  file: $CPAN/authors/id/J/JO/JOESUF/libapreq2-2.04_03-dev.tar.gz
  size: 592748 bytes
   md5: 1f5dd762c877b716f3774d502f575196

libapreq2 is an APR-based shared library used for parsing HTTP cookies,
query-strings and POST data.  The package libapreq2-2.04_03-dev.tar.gz provides

    1) version 2.0.20 of the libapreq2 library,

    2) mod_apreq, a filter module necessary for using libapreq2
       within the Apache HTTP Server,

    3) the Apache::Request, Apache::Cookie, and Apache::Upload
       perl modules for using libapreq2 with modperl-2.


Changes with libapreq2-2.04-dev (released August 30, 2004)

- Perl API [joes]
  Add TAINT checks, marking all parsed data as tainted.

- C API [joes]
  Add body_status attribute to apreq_request_t, to allow the both
  environment and the parser to report any errors encountered.

- C API [randyk, joes]
  Cookie parser was locking up on non-alphanumeric chars in cookie names.
  Also RFC Cookie attributes are always checked for quotes during bake(2),
  and the quotes are now stripped from incoming RFC cookies during parsing 
  (but they are never stripped from the actual cookie value).

- Perl API [joes]
  Apache::Cookie::Jar->new accepts a VALUE_CLASS argument, which effectively
  blesses all the jar's cookies into that class, which simplifies subclassing
  Apache::Cookie.   Accordingly Apache::Cookie->freeze($value) no longer accepts 
  a freeze()-able object in $value.

- C API [Markus Wichitill, randyk, joes]
  Drop APR_DELONCLOSE from apreq_file_mktemp implementation and install
  apreq_file_cleanup. When passed to apr_file_open on Win32, APR_DELONCLOSE 
  sets the FILE_SHARED_DELETE flag, which is, unfortunately, a property that
  is preserved across NTFS "hard" links.  This breaks apps that link() 
  the temp file to a permanent location, and subsequently expect to open it 
  without FILE_SHARED_DELETE before the original tempfile is closed+deleted. 
  In fact, even Apache::Upload does this, so it is a common enough event that
  the apreq_file_cleanup workaround is necessary.

- C API [Ken Burcham, joes]
  Fix bug in url parser that occurs when a %XX-encoded sequence
  is split across multiple buckets.  Added apreq_decode_decodev
  to make this problem less inconvenient.

- Perl API [joes]
  Exception objects inherit from the object which raised it,
  which allows $@ to invoke its methods with impunity (exceptions 
  are disabled for objects which derive from an exception class).

- Perl API [joes]
  Implement HOOK_DATA and UPLOAD_HOOK.

- Perl API [joes]
  Add safe XS wrappers for $table->add, $table->set, $table->STORE,
  and $table_class->new.

- Perl API [joes]
  Add exceptions to $upload->link, $upload->tempname, $upload->slurp, 
  and $cookie->set_attr.  Return value of $upload->slurp is now the 
  upload length.  Also document new $upload->io.

- C API [joes]
  Restrict all apr_status_t codes to APR_SUCCESS, APR_INCOMPLETE,
  APR_EGENERAL, APR_EINIT, APR_ENOTIMPL, since any others will
  generate confusing error messages from apr_strerror.

- Perl API [joes]
  Added $upload->io with a TIEHANDLE API layered over APR::Brigade.   $upload->fh
  remains implemented as an APR::PerlIO object, which is seekable but less efficient 
  and currently suffers some portability issues associated with largefile support
  in perl and apr.

- Perl API [joes]
  Added apreq_xs_croak for throwing APR::Error exceptions and included
  error-checking on $req->param, $req->args, $req->body, $req->upload, 
  and $jar->get.

- Perl API [joes]
  Added $jar->status, $req->args_status and $req->body_status to report
  parsing errors. Also add $upload->tempname per user request.

- C API [joes]
  Dropped status attribute of apreq_value_t.  Added status field to
  apreq_jar_t and added args_status field to apreq_request_t. Parsers
  also must return their public status code when a NULL brigade is passed.
  apreq_hook_disable_uploads() is also added.
  This is an ABI change affecting all versions of libapreq2 prior to 2.0.12.

- Perl API [joes]
  $upload->info returns a proper APR::Table object now. Also implemented
  $upload->size, $upload->fh, and $upload->type.

- C API [Jean-François Meesse]
  mfd parser fails to parse CRLF-terminated files when the terminating
  boundary string is at the start of a new bucket.  This is reportedly
  a common event for PDF files uploaded with Netscape 7.

- Perl API [joes]
  Add back-compat support for Apache::Cookie->fetch() via

- C API [joes]
  Add MaxBody, MaxBrigade, and TempDir per-dir directives to mod_apreq 

- C API [joes]
  Replace free/tempnam dependency in apreq_file_mktemp() with
  apr_temp_dir_get().  Add additional gcc warning flags when
  --enable-maintainer-mode is set.

- C API [joes, Scott Hutton]
  Replace apreq_brigade_copy with more effective APREQ_BRIGADE_COPY
  macro.  Also introduce APREQ_BRIGADE_SETASIDE to deal with buckets 
  that need to be set aside for use in future function calls. mod_ssl 
  generates transient buckets which tickled this bug.

- Perl API [joes]
  Separate Apache::Upload module from Apache::Request for 
  better organization.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message