3 Prevent errors when basic auth user or password contains colon
4 Add missing implementation for client-as-string for Lispworks, contributed by Raymond Wiker
8 New START-THREAD API function (Faré Rideau)
12 Fix bug that caused error when requesting nonexistent page.
16 Fix race condition in acceptor shutdown (Faré Rideau)
20 Call ACCEPTOR-STATUS-MESSAGE in a saner and more useful fashion (sponsored by Ron Garret)
24 fix wrong documented signature in acceptor-status-message (reported by Zach Beane)
28 Various documentation updates
29 Fix bug in static file handling that caused Safari to hang on 304 responses by Hunchentoot (reported by Wim Oudshoorn)
33 Fix bug in MD5-HEX that could cause session keys to be reused
37 Add local-addr* and local-port* functions
41 Fix test script to accomodate for Drakma fix regarding redirect from POST to GET
42 Fix range handling once again
46 ECL fixes (Juan Jose Giarcia-Ripoll)
50 Fix documentation for COOKIE-IN, which returns a string, not a cookie.
51 Hunchentoot could not deal with / pointing to a static file directory (Stas Boukarev).
52 Fixes to pathname sanitizing when handling static files.
53 Further Range: header handling fixes
54 Fix some export names relating to taskmaster thread count (Faré Rideau)
58 Doc fixes, add .pre-release.sh script
62 High-load multithread stability fixes (Mathieu Lemoine)
66 Remove dead code & style fixes (Ala'a Mohammad)
67 Bug fix: setting *print-base* / *print-radix* caused invalid cookie values (Scott L. Burson)
68 Various documentation and style updates
69 Fix documentation bug found (Mathieu Lemoine)
70 Fix bug that could hang Hunchentoot under load (Mathieu Lemoine)
74 Fix crash when error occurs while logging error (reported by Xu Jingtao)
75 Fix compilation with :hunchentoot-no-ssl feature (Mark Evenson)
76 Fix Range header handling (Simon Sandlund)
77 Export acceptor-remove-session
78 ECL timeout support (Juan Jose Giarcia-Ripoll)
79 Changed cookie handling - Hunchentoot no longer encodes cookies
80 automatically. Applications must make sure that they only set cookies
81 to permitted values (refer to RFC6265 for the details, thanks to Ralf
82 Stoye for debugging help)
86 Fix warning on LispWorks (Nico de Jager)
88 Remove obsolete symbols from export list
90 Document acceptor-remove-session, remove obsolete *session-removal-hook* export (Issue #15)
91 Added :description to asdf system definition
92 Add documentation section describing how to bind to privileged ports
96 Use FINISH-OUTPUT instead of FORCE-OUTPUT at connection end (I. Perminov)
98 External format EOL style fixes for Windows (Anton Kovalenko)
102 Fix to allow send-service-unavailable-reply to work (Faré Rideau)
103 Make sure we always have a cooked message to send in case of error (Faré Rideau)
104 Add www/ directory with default file tree that is being served
105 Add error template mechanism and improve error reporting in general.
106 Improve automatic testing, SBCL kludge to support asdf:test-op
107 Allegro CL modern mode fixes
108 Fix bugs in serving partial responses
109 Limit maximum number of threads that Hunchentoot creates (Dan Weinreb, Scott McKay)
110 Export fixes (Gordon Sims, Andrey Moskvitin, Faré Rideau)
111 Factor out easy-handler logic into separate acceptor subclass
112 Export two session functions (Nico de Jager)
113 Allow no Content-Type header (Chaitanya Gupta)
114 Patch for compilation with ECL (Sohail Somani)
115 Fix DEFINE-EASY-HANDLER for multiple acceptors (Nicolas Neuss)
116 Revived *SHOW-LISP-BACKTRACES-P*
117 Made sure "100 Continue" is returned even if the client sends "Expect: 100-continue" twice (reported by Gordon Sims)
118 Fixed typo in code which interprets transfer encodings
122 Exported WITHIN-REQUEST-P (Faré Rideau)
123 Safeguard measures against XSS attacks (J.P. Larocque)
124 Prevent potential leak when closing stream (Matt Lamari, Martin Simmons)
125 Change some occurrences of HANDLER-CASE* to HANDLER-CASE (Hans Hübner, Allan Dee)
129 Architectural changes - see HANDLE-REQUEST (thanks to Andreas Fuchs and Frode Fjeld)
130 Re-introduced *CATCH-ERRORS-P* and MAYBE-INVOKE-DEBUGGER
131 Integration with trivial-backtrace (see *LOG-LISP-BACKTRACES-P*)
132 Treat :UNSPECIFIC like NIL in pathname components (reported by Frode Fjeld)
134 Prepared for LispWorks 6 (Nico de Jager)
135 Fixed reading of post parameters (Peter Seibel and Stephen P. Compall)
136 Fixed STOP by supplying the :READY-ONLY keyword to USOCKET:WAIT-FOR-INPUT
137 Enabled SSL key passwords for Lisps other than LW (Vsevolod)
141 Complete architectural redesign (together with Hans Hübner)
142 Lots of small fixes and improvements, too many to enumerate here
146 Fixed embarrassingly mis-placed parentheses (thanks to Hans Hübner)
150 Removed FORCE-OUTPUT* and thus the ACL-COMPAT dependency (thanks to Hans Hübner)
151 Support for MP-less CMUCL (thanks to Hans Hübner)
155 Fixed unportable LOOP usage (caught by "C S S")
159 Added CODE parameter to REDIRECT (thanks to Michael Weber)
163 Fixed typo in test.lisp (thanks to Ben Hyde)
164 Changed wrong usage of EQ to EQL (thanks to Ariel Badichi)
165 Fixed typo in default handler (thanks to Eugene Ossintsev)
169 Uses CL-FAD for HANDLE-STATIC-FILE now
170 Better error reporting for CREATE-FOLDER-DISPATCHER-AND-HANDLER (suggested by Cyrus Harmon)
171 Faster version of WRITE-HEADER-LINE (thanks to V. Segu�)
175 Added support for CLISP (thanks to Anton Vodonosov)
179 Replace ENOUGH-NAMESTRING with ENOUGH-URL (patch by Kilian Sprotte and Hans Hübner)
183 Fix compilation order (thanks to Tiarnan O'Corrain and Chris Dean)
187 Robustified MAKE-SOCKET-STREAM against potential leak (thanks to Alain Picard)
188 Replaced #-FOO #-FOO constructs for OpenMCL (patch by Michael Weber)
189 Updated tutorial links
193 Made log stream shared on OpenMCL (thanks to Gary Byers)
197 Enabled GET-GID-FROM-NAME for newer versions of SBCL (patch by Cyrus Harmon)
201 Better handling of PORT parameter in REDIRECT (thanks to Vladimir Sedach)
205 Fixed bug where you couldn't set "Server" header (caught by Ralf Mattes)
206 Documentation clarification for HEADER-OUT function
210 Added support for "HttpOnly" cookie attribute
214 Added *METHODS-FOR-POST-PARAMETERS* (suggested by Jonathon McKitrick)
218 Better support for WITH-TIMEOUT on SBCL/Win32 (thanks to Anton Vodonosov)
222 Now uses bound for flexi stream returned by RAW-POST-DATA
223 Needs FLEXI-STREAMS 0.12.0 or higher
228 Added declaration in server.lisp to appease SBCL
232 Fixes for OpenMCL (thanks to Lennart Staflin and Tiarnan O'Corrain)
236 Added server names and coupled them with easy handlers (suggested by Mac Chan)
237 Exported SESSION-COOKIE-VALUE instead of SESSION-STRING (suggested by Slava Akhmechet)
238 Documentation fixes (thanks to Victor Kryukov and Igor Plekhov)
242 Made MAYBE-INVOKE-DEBUGGER a generic function and exported it (suggested by Vladimir Sedach)
246 Fixed CREATE-FOLDER-DISPATCHER-AND-HANDLER in the presence of URL-encoded URLs (bug caught by Nicolas Lamirault)
250 Made DEF-HTTP-RETURN-CODE more flexible (suggested by Jong-won Choi)
254 Added PORT parameter to REDIRECT (suggested by Cyrus Harmon)
255 Exported REMOVE-SESSION (suggested by Vamsee Kanakala)
259 Added socket timeouts for AllegroCL
260 Catch IO timeout conditions for AllegroCL, SBCL and CMUCL (suggested by Red Daly and others)
261 Added per-server dispatch tables (suggested by Robert Synnott and Andrei Stebakov)
265 USE the CL package explicitly when defining HUNCHENTOOT-MP (bug report by Joel Boehland)
269 Correct behaviour for "100 Continue" responses
277 Don't use chunked encoding for empty (NIL) bodies
281 Really exported REASON-PHRASE this time (and also *CURRENT-PROCESS*)
285 Added HUNCHENTOOT-MP package (suggested by Cyrus Harmon)
286 Only invoke MARK-AND-SWEEP for 32-bit versions of LW (thanks to Chris Dean)
287 Exported REASON-PHRASE
291 Added *APPROVED-RETURN-CODES*, *HEADER-STREAM*, and +HTTP-FAILED-DEPENDENCY+
292 Exported MIME-TYPE and SSL-P
297 Added +HTTP-MULTI-STATUS+
301 Fix test suite to properly handle non-base characters in LW (bug caught by Jong-won Choi)
305 Fixed last change (thanks to Marko Kocic)
309 Development port (no threads) to SBCL/Win32 (patch by Marko Kocic)
310 Support for compilation without SSL
314 Don't use NSTRING-UPCASE for outgoing headers (bug caught by Saurabh Nanda)
315 Changed ProxyPass example in docs from /lisp to /hunchentoot
319 Reset to "faithful" external format on each iteration (bug caught by Viljo Marrandi and Ury Marshak)
323 Accept chunked transfer encoding for mod_lisp request bodies (thanks to Hugh Winkler's mod_lisp additions)
324 Robustify against erroneous form-data submissions (caught by Ury Marshak)
328 Even more flexible behaviour of RAW-POST-DATA
332 More flexible behaviour of RAW-POST-DATA
333 Robustified PARSE-CONTENT-TYPE
337 More meaningful results for RAW-POST-DATA
341 Added favicon.ico to example website (thanks to Yoni Rabkin Katzenell, Toby, and Uwe von Loh)
345 Added Hunchentoot logo by Uwe von Loh
349 Exported symbols related to session GC (suggested by Nico de Jager)
353 Added *HANDLE-HTTP-ERRORS-P* (thanks to Marijn Haverbeke)
354 Remove duplicate headers when reading from mod_lisp
358 Fixed HEADER-OUT (thanks to Robert J. Macomber)
362 Fixed bug in START-OUTPUT which confused mod_lisp
366 Changed behaviour of REAL-REMOTE-ADDR (as suggested by Robert J. Macomber)
367 Fixed COOKIE-OUT (thanks to Robert J. Macomber)
371 Don't bind *DISPATCH-TABLE* too early (thanks to Marijn Haverbeke)
375 Fixed bug in AUTHORIZATION function (reported by Michael J. Forster)
379 Correct SSL check in REDIRECT function
380 LOG-MESSAGE now checks for (BOUNDP '*SERVER*)
384 OpenMCL fixes (by Ralf Stoye)
388 No timeouts for mod_lisp servers (as in Hunchentoot 0.3.x)
392 Fixed a typo in easy-handlers.lisp (caught by Travis Cross)
396 Ported to CMUCL, SBCL, OpenMCL, and AllegroCL
398 Tons of small changes, too many to list them individually
402 Uses TBNL's WITH-DEBUGGER now
406 Added *CATCH-ERRORS-P* (from TBNL)
410 Accept HTTP requests with chunked transfer encoding
411 Use Chunga for chunking
415 Skip START-OUTPUT advice completely if working for TBNL
419 Added write timeouts for LW 5.0
420 Updated LW links in documentation
424 Serves as infrastructure for TBNL now (to replace KMRCL)
425 For HTTP/1.1 only send 'Keep-Alive' headers if explicitly requested
429 Connection headers are separated by commas, not semicolons
433 Refactored streams.lisp to appease LW compiler (thanks to Martin Simmons)
434 Changed handling of version string
435 Changed package handling in system definition (thanks to Christophe Rhodes)
439 Removed KMRCL workaround
443 Mention TBNL version number in server name header
447 Fixed package stuff and HYPERDOC support
451 Initial public release
453 [For earlier changes see the file "CHANGELOG_TBNL" that is included with the release.]