3 Adds the session-regenerate-cookie-value function (Florian Margaine)
4 Bugfix: using variables within with-accessors (Dmitry Igrishin)
5 Added Gitter link (The Gitter Badger)
6 Add "charset" property to Content-Type HTTP header (Dmitry Igrishin)
7 "Connection: close" on unthreaded builds (Philipp Marek)
8 Make the RFC 6585 status constants external (Grim Schjetne)
9 Add HTTP status codes described in RFC 6585 (Grim Schjetne)
10 Add charset to Content-Type when serving static (Dmitry Igrishin)
11 Fix to PROCESS-CONNECTION leaking socket fds (Jussi Lahdenniemi)
15 Adds HttpOnly and remove cookie on remove-session (Florian MARGAINE)
19 Clear content-length before emitting 304 (Jason Miller)
20 Treat errors during url decoding as bad requests. (Stas Boukarev)
24 temporarily revert ipv6 changes (Hans Huebner)
28 Remove dead links and update support information (Hans Huebner)
29 restore listening to usocket:*wildcard-host* (Hans Huebner)
30 deal with IPv6 addresses from usocket (Hans Huebner)
31 eliminate duplicate logging of warnings (reported by loke) (Hans Huebner)
32 add DETACH-SOCKET function (Hans Huebner)
33 Add the ability to prevent the sockets from being closed after a request has been processed. (Elias Mårtenson)
34 document *FINISH-PROCESSING-SOCKET* (Hans Huebner)
35 Make check for stream timeouts more robust (Raymond Wiker)
39 fix warning about missing NAME keyword arg at start-thread (Mark H. David)
40 remove tbnl-announce list (Hans Huebner)
41 correct speling eror (Hans Huebner)
42 Update request.lisp (muyinliu)
43 file upload file name encoding error fixed (muyinliu)
44 support use of logical file names for document-root and error-template-directory (Hans Huebner)
45 Generate www/hunchentoot-doc.html. (Stas Boukarev)
46 Remove mentions of asdf-install and the darcs mirror from docs. (Stas Boukarev)
50 Optimize get-peer/local-address-and-port. (Stas Boukarev)
51 Close SSL streams after processing connection. (Stas Boukarev)
55 allow for handler setting of the "connection" header (William Halliburton)
59 Use version number from ASDF system definition, not special var (Hans Huebner)
63 Don't set the Connection header to Close if it's already set (AndrejSuc/Stas Boukarev)
67 Print header value (if number) in base 10 (Chaitanya Gupta)
68 Fix for CLISP compilation (Anton Vodonosov)
72 Fix capitalization inconsistencies in docs (reported by Stas Boukarev)
76 Don't rely on asdf to find default document directory
77 Add m4v mime type (Wes Henderson)
81 Fix ACCEPTOR-REMOVE-SESSION default implementation (Stas Boukarev, Mathieu Lemoine)
85 Prevent errors when basic auth user or password contains colon
86 Add missing implementation for client-as-string for Lispworks, contributed by Raymond Wiker
90 New START-THREAD API function (Faré Rideau)
94 Fix bug that caused error when requesting nonexistent page.
98 Fix race condition in acceptor shutdown (Faré Rideau)
102 Call ACCEPTOR-STATUS-MESSAGE in a saner and more useful fashion (sponsored by Ron Garret)
106 fix wrong documented signature in acceptor-status-message (reported by Zach Beane)
110 Various documentation updates
111 Fix bug in static file handling that caused Safari to hang on 304 responses by Hunchentoot (reported by Wim Oudshoorn)
115 Fix bug in MD5-HEX that could cause session keys to be reused
119 Add local-addr* and local-port* functions
123 Fix test script to accomodate for Drakma fix regarding redirect from POST to GET
124 Fix range handling once again
128 ECL fixes (Juan Jose Giarcia-Ripoll)
132 Fix documentation for COOKIE-IN, which returns a string, not a cookie.
133 Hunchentoot could not deal with / pointing to a static file directory (Stas Boukarev).
134 Fixes to pathname sanitizing when handling static files.
135 Further Range: header handling fixes
136 Fix some export names relating to taskmaster thread count (Faré Rideau)
140 Doc fixes, add .pre-release.sh script
144 High-load multithread stability fixes (Mathieu Lemoine)
148 Remove dead code & style fixes (Ala'a Mohammad)
149 Bug fix: setting *print-base* / *print-radix* caused invalid cookie values (Scott L. Burson)
150 Various documentation and style updates
151 Fix documentation bug found (Mathieu Lemoine)
152 Fix bug that could hang Hunchentoot under load (Mathieu Lemoine)
156 Fix crash when error occurs while logging error (reported by Xu Jingtao)
157 Fix compilation with :hunchentoot-no-ssl feature (Mark Evenson)
158 Fix Range header handling (Simon Sandlund)
159 Export acceptor-remove-session
160 ECL timeout support (Juan Jose Giarcia-Ripoll)
161 Changed cookie handling - Hunchentoot no longer encodes cookies
162 automatically. Applications must make sure that they only set cookies
163 to permitted values (refer to RFC6265 for the details, thanks to Ralf
164 Stoye for debugging help)
168 Fix warning on LispWorks (Nico de Jager)
169 Documentation updates
170 Remove obsolete symbols from export list
171 Add easy-ssl-acceptor
172 Document acceptor-remove-session, remove obsolete *session-removal-hook* export (Issue #15)
173 Added :description to asdf system definition
174 Add documentation section describing how to bind to privileged ports
178 Use FINISH-OUTPUT instead of FORCE-OUTPUT at connection end (I. Perminov)
179 Documentation updates
180 External format EOL style fixes for Windows (Anton Kovalenko)
184 Fix to allow send-service-unavailable-reply to work (Faré Rideau)
185 Make sure we always have a cooked message to send in case of error (Faré Rideau)
186 Add www/ directory with default file tree that is being served
187 Add error template mechanism and improve error reporting in general.
188 Improve automatic testing, SBCL kludge to support asdf:test-op
189 Allegro CL modern mode fixes
190 Fix bugs in serving partial responses
191 Limit maximum number of threads that Hunchentoot creates (Dan Weinreb, Scott McKay)
192 Export fixes (Gordon Sims, Andrey Moskvitin, Faré Rideau)
193 Factor out easy-handler logic into separate acceptor subclass
194 Export two session functions (Nico de Jager)
195 Allow no Content-Type header (Chaitanya Gupta)
196 Patch for compilation with ECL (Sohail Somani)
197 Fix DEFINE-EASY-HANDLER for multiple acceptors (Nicolas Neuss)
198 Revived *SHOW-LISP-BACKTRACES-P*
199 Made sure "100 Continue" is returned even if the client sends "Expect: 100-continue" twice (reported by Gordon Sims)
200 Fixed typo in code which interprets transfer encodings
204 Exported WITHIN-REQUEST-P (Faré Rideau)
205 Safeguard measures against XSS attacks (J.P. Larocque)
206 Prevent potential leak when closing stream (Matt Lamari, Martin Simmons)
207 Change some occurrences of HANDLER-CASE* to HANDLER-CASE (Hans Hübner, Allan Dee)
211 Architectural changes - see HANDLE-REQUEST (thanks to Andreas Fuchs and Frode Fjeld)
212 Re-introduced *CATCH-ERRORS-P* and MAYBE-INVOKE-DEBUGGER
213 Integration with trivial-backtrace (see *LOG-LISP-BACKTRACES-P*)
214 Treat :UNSPECIFIC like NIL in pathname components (reported by Frode Fjeld)
216 Prepared for LispWorks 6 (Nico de Jager)
217 Fixed reading of post parameters (Peter Seibel and Stephen P. Compall)
218 Fixed STOP by supplying the :READY-ONLY keyword to USOCKET:WAIT-FOR-INPUT
219 Enabled SSL key passwords for Lisps other than LW (Vsevolod)
223 Complete architectural redesign (together with Hans Hübner)
224 Lots of small fixes and improvements, too many to enumerate here
228 Fixed embarrassingly mis-placed parentheses (thanks to Hans Hübner)
232 Removed FORCE-OUTPUT* and thus the ACL-COMPAT dependency (thanks to Hans Hübner)
233 Support for MP-less CMUCL (thanks to Hans Hübner)
237 Fixed unportable LOOP usage (caught by "C S S")
241 Added CODE parameter to REDIRECT (thanks to Michael Weber)
245 Fixed typo in test.lisp (thanks to Ben Hyde)
246 Changed wrong usage of EQ to EQL (thanks to Ariel Badichi)
247 Fixed typo in default handler (thanks to Eugene Ossintsev)
251 Uses CL-FAD for HANDLE-STATIC-FILE now
252 Better error reporting for CREATE-FOLDER-DISPATCHER-AND-HANDLER (suggested by Cyrus Harmon)
253 Faster version of WRITE-HEADER-LINE (thanks to V. Segu�)
257 Added support for CLISP (thanks to Anton Vodonosov)
261 Replace ENOUGH-NAMESTRING with ENOUGH-URL (patch by Kilian Sprotte and Hans Hübner)
265 Fix compilation order (thanks to Tiarnan O'Corrain and Chris Dean)
269 Robustified MAKE-SOCKET-STREAM against potential leak (thanks to Alain Picard)
270 Replaced #-FOO #-FOO constructs for OpenMCL (patch by Michael Weber)
271 Updated tutorial links
275 Made log stream shared on OpenMCL (thanks to Gary Byers)
279 Enabled GET-GID-FROM-NAME for newer versions of SBCL (patch by Cyrus Harmon)
283 Better handling of PORT parameter in REDIRECT (thanks to Vladimir Sedach)
287 Fixed bug where you couldn't set "Server" header (caught by Ralf Mattes)
288 Documentation clarification for HEADER-OUT function
292 Added support for "HttpOnly" cookie attribute
296 Added *METHODS-FOR-POST-PARAMETERS* (suggested by Jonathon McKitrick)
300 Better support for WITH-TIMEOUT on SBCL/Win32 (thanks to Anton Vodonosov)
304 Now uses bound for flexi stream returned by RAW-POST-DATA
305 Needs FLEXI-STREAMS 0.12.0 or higher
310 Added declaration in server.lisp to appease SBCL
314 Fixes for OpenMCL (thanks to Lennart Staflin and Tiarnan O'Corrain)
318 Added server names and coupled them with easy handlers (suggested by Mac Chan)
319 Exported SESSION-COOKIE-VALUE instead of SESSION-STRING (suggested by Slava Akhmechet)
320 Documentation fixes (thanks to Victor Kryukov and Igor Plekhov)
324 Made MAYBE-INVOKE-DEBUGGER a generic function and exported it (suggested by Vladimir Sedach)
328 Fixed CREATE-FOLDER-DISPATCHER-AND-HANDLER in the presence of URL-encoded URLs (bug caught by Nicolas Lamirault)
332 Made DEF-HTTP-RETURN-CODE more flexible (suggested by Jong-won Choi)
336 Added PORT parameter to REDIRECT (suggested by Cyrus Harmon)
337 Exported REMOVE-SESSION (suggested by Vamsee Kanakala)
341 Added socket timeouts for AllegroCL
342 Catch IO timeout conditions for AllegroCL, SBCL and CMUCL (suggested by Red Daly and others)
343 Added per-server dispatch tables (suggested by Robert Synnott and Andrei Stebakov)
347 USE the CL package explicitly when defining HUNCHENTOOT-MP (bug report by Joel Boehland)
351 Correct behaviour for "100 Continue" responses
359 Don't use chunked encoding for empty (NIL) bodies
363 Really exported REASON-PHRASE this time (and also *CURRENT-PROCESS*)
367 Added HUNCHENTOOT-MP package (suggested by Cyrus Harmon)
368 Only invoke MARK-AND-SWEEP for 32-bit versions of LW (thanks to Chris Dean)
369 Exported REASON-PHRASE
373 Added *APPROVED-RETURN-CODES*, *HEADER-STREAM*, and +HTTP-FAILED-DEPENDENCY+
374 Exported MIME-TYPE and SSL-P
379 Added +HTTP-MULTI-STATUS+
383 Fix test suite to properly handle non-base characters in LW (bug caught by Jong-won Choi)
387 Fixed last change (thanks to Marko Kocic)
391 Development port (no threads) to SBCL/Win32 (patch by Marko Kocic)
392 Support for compilation without SSL
396 Don't use NSTRING-UPCASE for outgoing headers (bug caught by Saurabh Nanda)
397 Changed ProxyPass example in docs from /lisp to /hunchentoot
401 Reset to "faithful" external format on each iteration (bug caught by Viljo Marrandi and Ury Marshak)
405 Accept chunked transfer encoding for mod_lisp request bodies (thanks to Hugh Winkler's mod_lisp additions)
406 Robustify against erroneous form-data submissions (caught by Ury Marshak)
410 Even more flexible behaviour of RAW-POST-DATA
414 More flexible behaviour of RAW-POST-DATA
415 Robustified PARSE-CONTENT-TYPE
419 More meaningful results for RAW-POST-DATA
423 Added favicon.ico to example website (thanks to Yoni Rabkin Katzenell, Toby, and Uwe von Loh)
427 Added Hunchentoot logo by Uwe von Loh
431 Exported symbols related to session GC (suggested by Nico de Jager)
435 Added *HANDLE-HTTP-ERRORS-P* (thanks to Marijn Haverbeke)
436 Remove duplicate headers when reading from mod_lisp
440 Fixed HEADER-OUT (thanks to Robert J. Macomber)
444 Fixed bug in START-OUTPUT which confused mod_lisp
448 Changed behaviour of REAL-REMOTE-ADDR (as suggested by Robert J. Macomber)
449 Fixed COOKIE-OUT (thanks to Robert J. Macomber)
453 Don't bind *DISPATCH-TABLE* too early (thanks to Marijn Haverbeke)
457 Fixed bug in AUTHORIZATION function (reported by Michael J. Forster)
461 Correct SSL check in REDIRECT function
462 LOG-MESSAGE now checks for (BOUNDP '*SERVER*)
466 OpenMCL fixes (by Ralf Stoye)
470 No timeouts for mod_lisp servers (as in Hunchentoot 0.3.x)
474 Fixed a typo in easy-handlers.lisp (caught by Travis Cross)
478 Ported to CMUCL, SBCL, OpenMCL, and AllegroCL
480 Tons of small changes, too many to list them individually
484 Uses TBNL's WITH-DEBUGGER now
488 Added *CATCH-ERRORS-P* (from TBNL)
492 Accept HTTP requests with chunked transfer encoding
493 Use Chunga for chunking
497 Skip START-OUTPUT advice completely if working for TBNL
501 Added write timeouts for LW 5.0
502 Updated LW links in documentation
506 Serves as infrastructure for TBNL now (to replace KMRCL)
507 For HTTP/1.1 only send 'Keep-Alive' headers if explicitly requested
511 Connection headers are separated by commas, not semicolons
515 Refactored streams.lisp to appease LW compiler (thanks to Martin Simmons)
516 Changed handling of version string
517 Changed package handling in system definition (thanks to Christophe Rhodes)
521 Removed KMRCL workaround
525 Mention TBNL version number in server name header
529 Fixed package stuff and HYPERDOC support
533 Initial public release
535 [For earlier changes see the file "CHANGELOG_TBNL" that is included with the release.]