Change 2006/11/14 by blong
Update to version 0.10.4
Change 2006/11/09 by blong
Handle cases where Content-Length is not a valid number,
resulting in a -1 result from atoi
Change 2006/11/09 by blong
Patches from Gentoo and dju@gentoo.org:
- Rename static.cgi to cs_static.cgi
- Install cs binary
- Fix python for python2.5 (use PyObject_DEL instead of PyMem_DEL
Change 2006/11/09 by blong
Limit input length for sscanf to fix potential buffer overflow
(code not currently in use)
Change 2006/11/01 by drewry
Add tests/examples for using global escaping and escape blocks.
Change 2006/10/19 by blong
Pass fileload_ctx from parent CSPARSE
Change 2006/10/19 by smarti
Close
and
tags in text_html so that output is properly
formed XHTML. Should not affect browsers.
Change 2006/10/18 by iant
gcc 64-bit cleanup: Add cast to avoid warning. Fixes:
util/neo_hash.c:292: warning: cast from pointer to integer of different size
Change 2006/10/12 by griff
Add a new clearsilver builtin - string.find(string,
substr) => integer
Change 2006/10/12 by blong
Force explicit enable of debug features
Change 2006/10/10 by blong
Catch all missing end sections
Change 2006/10/09 by blong
add missing free's in error clause
Change 2006/10/05 by yang
Export 12 o'clock as 12 instead of java.util.Calendar's 0 (to
match C++/Python behavior)
Change 2006/08/29 by blong
Change rfc2388 multipart/form-data handler to never read past
the amount of expected input for servers which don't close their
end of the input pipe after they finish sending data.
Change 2006/08/14 by blong
Fix bug in hdf_copy where we were not copying the hdf attributes
for a node but "sharing" it, causing problems if the original
was deallocated.
Change 2006/08/14 by blong
Change LD/LDFLAGS handling in the Makefiles
Change 2006/08/11 by blong
search using the global search path if not found using the local
search path
add warning for an error case
Change 2006/08/01 by drewry
- Added HDF variable Config.VarEscapeMode to enable automatic
escaping of variables to a specified default: none, html, js, url
- Added a per-function escaping context which causes the output
of calls to the escaping function in the template to not be
default escaped. (Added a register_esc_strfunc helper)
- Added escape directive which can be used to explicitly set the
current escape context:
(Note: These can be stacked, but they are not additive.)
- Added uvar directive to allow explicit unsafe variables
(VarEscapeMode and escape directive have no effect.)
- Added escape context support for def/call to use the context of the
caller and not the define-time context.
- Added single quote escaping to html_escape and url_escape
- Added ampersand and semicolon escaping to js_escape to avoid
embedding of HTML entities inside event attributes. (e.g.
onmouseover)
Change 2006/06/28 by roeber
1) Support functions with zero arguments
2) Support parsing arguments one at a time
Change 2006/06/26 by blong
patch from Jon Nalley (cs@nalleynet.com) to prevent segfault
when HTTP.Host and CGI.ServerName are not set.
Change 2006/04/20 by blong
add readString/writeString and writeFile/writeFileAtomic to the
JNI wrapper
Change 2006/04/12 by blong
fix for perl installation path problem from lars