3 Adds HttpOnly and remove cookie on remove-session (Florian MARGAINE)
7 Clear content-length before emitting 304 (Jason Miller)
8 Treat errors during url decoding as bad requests. (Stas Boukarev)
12 temporarily revert ipv6 changes (Hans Huebner)
16 Remove dead links and update support information (Hans Huebner)
17 restore listening to usocket:*wildcard-host* (Hans Huebner)
18 deal with IPv6 addresses from usocket (Hans Huebner)
19 eliminate duplicate logging of warnings (reported by loke) (Hans Huebner)
20 add DETACH-SOCKET function (Hans Huebner)
21 Add the ability to prevent the sockets from being closed after a request has been processed. (Elias Mårtenson)
22 document *FINISH-PROCESSING-SOCKET* (Hans Huebner)
23 Make check for stream timeouts more robust (Raymond Wiker)
27 fix warning about missing NAME keyword arg at start-thread (Mark H. David)
28 remove tbnl-announce list (Hans Huebner)
29 correct speling eror (Hans Huebner)
30 Update request.lisp (muyinliu)
31 file upload file name encoding error fixed (muyinliu)
32 support use of logical file names for document-root and error-template-directory (Hans Huebner)
33 Generate www/hunchentoot-doc.html. (Stas Boukarev)
34 Remove mentions of asdf-install and the darcs mirror from docs. (Stas Boukarev)
38 Optimize get-peer/local-address-and-port. (Stas Boukarev)
39 Close SSL streams after processing connection. (Stas Boukarev)
43 allow for handler setting of the "connection" header (William Halliburton)
47 Use version number from ASDF system definition, not special var (Hans Huebner)
51 Don't set the Connection header to Close if it's already set (AndrejSuc/Stas Boukarev)
55 Print header value (if number) in base 10 (Chaitanya Gupta)
56 Fix for CLISP compilation (Anton Vodonosov)
60 Fix capitalization inconsistencies in docs (reported by Stas Boukarev)
64 Don't rely on asdf to find default document directory
65 Add m4v mime type (Wes Henderson)
69 Fix ACCEPTOR-REMOVE-SESSION default implementation (Stas Boukarev, Mathieu Lemoine)
73 Prevent errors when basic auth user or password contains colon
74 Add missing implementation for client-as-string for Lispworks, contributed by Raymond Wiker
78 New START-THREAD API function (Faré Rideau)
82 Fix bug that caused error when requesting nonexistent page.
86 Fix race condition in acceptor shutdown (Faré Rideau)
90 Call ACCEPTOR-STATUS-MESSAGE in a saner and more useful fashion (sponsored by Ron Garret)
94 fix wrong documented signature in acceptor-status-message (reported by Zach Beane)
98 Various documentation updates
99 Fix bug in static file handling that caused Safari to hang on 304 responses by Hunchentoot (reported by Wim Oudshoorn)
103 Fix bug in MD5-HEX that could cause session keys to be reused
107 Add local-addr* and local-port* functions
111 Fix test script to accomodate for Drakma fix regarding redirect from POST to GET
112 Fix range handling once again
116 ECL fixes (Juan Jose Giarcia-Ripoll)
120 Fix documentation for COOKIE-IN, which returns a string, not a cookie.
121 Hunchentoot could not deal with / pointing to a static file directory (Stas Boukarev).
122 Fixes to pathname sanitizing when handling static files.
123 Further Range: header handling fixes
124 Fix some export names relating to taskmaster thread count (Faré Rideau)
128 Doc fixes, add .pre-release.sh script
132 High-load multithread stability fixes (Mathieu Lemoine)
136 Remove dead code & style fixes (Ala'a Mohammad)
137 Bug fix: setting *print-base* / *print-radix* caused invalid cookie values (Scott L. Burson)
138 Various documentation and style updates
139 Fix documentation bug found (Mathieu Lemoine)
140 Fix bug that could hang Hunchentoot under load (Mathieu Lemoine)
144 Fix crash when error occurs while logging error (reported by Xu Jingtao)
145 Fix compilation with :hunchentoot-no-ssl feature (Mark Evenson)
146 Fix Range header handling (Simon Sandlund)
147 Export acceptor-remove-session
148 ECL timeout support (Juan Jose Giarcia-Ripoll)
149 Changed cookie handling - Hunchentoot no longer encodes cookies
150 automatically. Applications must make sure that they only set cookies
151 to permitted values (refer to RFC6265 for the details, thanks to Ralf
152 Stoye for debugging help)
156 Fix warning on LispWorks (Nico de Jager)
157 Documentation updates
158 Remove obsolete symbols from export list
159 Add easy-ssl-acceptor
160 Document acceptor-remove-session, remove obsolete *session-removal-hook* export (Issue #15)
161 Added :description to asdf system definition
162 Add documentation section describing how to bind to privileged ports
166 Use FINISH-OUTPUT instead of FORCE-OUTPUT at connection end (I. Perminov)
167 Documentation updates
168 External format EOL style fixes for Windows (Anton Kovalenko)
172 Fix to allow send-service-unavailable-reply to work (Faré Rideau)
173 Make sure we always have a cooked message to send in case of error (Faré Rideau)
174 Add www/ directory with default file tree that is being served
175 Add error template mechanism and improve error reporting in general.
176 Improve automatic testing, SBCL kludge to support asdf:test-op
177 Allegro CL modern mode fixes
178 Fix bugs in serving partial responses
179 Limit maximum number of threads that Hunchentoot creates (Dan Weinreb, Scott McKay)
180 Export fixes (Gordon Sims, Andrey Moskvitin, Faré Rideau)
181 Factor out easy-handler logic into separate acceptor subclass
182 Export two session functions (Nico de Jager)
183 Allow no Content-Type header (Chaitanya Gupta)
184 Patch for compilation with ECL (Sohail Somani)
185 Fix DEFINE-EASY-HANDLER for multiple acceptors (Nicolas Neuss)
186 Revived *SHOW-LISP-BACKTRACES-P*
187 Made sure "100 Continue" is returned even if the client sends "Expect: 100-continue" twice (reported by Gordon Sims)
188 Fixed typo in code which interprets transfer encodings
192 Exported WITHIN-REQUEST-P (Faré Rideau)
193 Safeguard measures against XSS attacks (J.P. Larocque)
194 Prevent potential leak when closing stream (Matt Lamari, Martin Simmons)
195 Change some occurrences of HANDLER-CASE* to HANDLER-CASE (Hans Hübner, Allan Dee)
199 Architectural changes - see HANDLE-REQUEST (thanks to Andreas Fuchs and Frode Fjeld)
200 Re-introduced *CATCH-ERRORS-P* and MAYBE-INVOKE-DEBUGGER
201 Integration with trivial-backtrace (see *LOG-LISP-BACKTRACES-P*)
202 Treat :UNSPECIFIC like NIL in pathname components (reported by Frode Fjeld)
204 Prepared for LispWorks 6 (Nico de Jager)
205 Fixed reading of post parameters (Peter Seibel and Stephen P. Compall)
206 Fixed STOP by supplying the :READY-ONLY keyword to USOCKET:WAIT-FOR-INPUT
207 Enabled SSL key passwords for Lisps other than LW (Vsevolod)
211 Complete architectural redesign (together with Hans Hübner)
212 Lots of small fixes and improvements, too many to enumerate here
216 Fixed embarrassingly mis-placed parentheses (thanks to Hans Hübner)
220 Removed FORCE-OUTPUT* and thus the ACL-COMPAT dependency (thanks to Hans Hübner)
221 Support for MP-less CMUCL (thanks to Hans Hübner)
225 Fixed unportable LOOP usage (caught by "C S S")
229 Added CODE parameter to REDIRECT (thanks to Michael Weber)
233 Fixed typo in test.lisp (thanks to Ben Hyde)
234 Changed wrong usage of EQ to EQL (thanks to Ariel Badichi)
235 Fixed typo in default handler (thanks to Eugene Ossintsev)
239 Uses CL-FAD for HANDLE-STATIC-FILE now
240 Better error reporting for CREATE-FOLDER-DISPATCHER-AND-HANDLER (suggested by Cyrus Harmon)
241 Faster version of WRITE-HEADER-LINE (thanks to V. Segu�)
245 Added support for CLISP (thanks to Anton Vodonosov)
249 Replace ENOUGH-NAMESTRING with ENOUGH-URL (patch by Kilian Sprotte and Hans Hübner)
253 Fix compilation order (thanks to Tiarnan O'Corrain and Chris Dean)
257 Robustified MAKE-SOCKET-STREAM against potential leak (thanks to Alain Picard)
258 Replaced #-FOO #-FOO constructs for OpenMCL (patch by Michael Weber)
259 Updated tutorial links
263 Made log stream shared on OpenMCL (thanks to Gary Byers)
267 Enabled GET-GID-FROM-NAME for newer versions of SBCL (patch by Cyrus Harmon)
271 Better handling of PORT parameter in REDIRECT (thanks to Vladimir Sedach)
275 Fixed bug where you couldn't set "Server" header (caught by Ralf Mattes)
276 Documentation clarification for HEADER-OUT function
280 Added support for "HttpOnly" cookie attribute
284 Added *METHODS-FOR-POST-PARAMETERS* (suggested by Jonathon McKitrick)
288 Better support for WITH-TIMEOUT on SBCL/Win32 (thanks to Anton Vodonosov)
292 Now uses bound for flexi stream returned by RAW-POST-DATA
293 Needs FLEXI-STREAMS 0.12.0 or higher
298 Added declaration in server.lisp to appease SBCL
302 Fixes for OpenMCL (thanks to Lennart Staflin and Tiarnan O'Corrain)
306 Added server names and coupled them with easy handlers (suggested by Mac Chan)
307 Exported SESSION-COOKIE-VALUE instead of SESSION-STRING (suggested by Slava Akhmechet)
308 Documentation fixes (thanks to Victor Kryukov and Igor Plekhov)
312 Made MAYBE-INVOKE-DEBUGGER a generic function and exported it (suggested by Vladimir Sedach)
316 Fixed CREATE-FOLDER-DISPATCHER-AND-HANDLER in the presence of URL-encoded URLs (bug caught by Nicolas Lamirault)
320 Made DEF-HTTP-RETURN-CODE more flexible (suggested by Jong-won Choi)
324 Added PORT parameter to REDIRECT (suggested by Cyrus Harmon)
325 Exported REMOVE-SESSION (suggested by Vamsee Kanakala)
329 Added socket timeouts for AllegroCL
330 Catch IO timeout conditions for AllegroCL, SBCL and CMUCL (suggested by Red Daly and others)
331 Added per-server dispatch tables (suggested by Robert Synnott and Andrei Stebakov)
335 USE the CL package explicitly when defining HUNCHENTOOT-MP (bug report by Joel Boehland)
339 Correct behaviour for "100 Continue" responses
347 Don't use chunked encoding for empty (NIL) bodies
351 Really exported REASON-PHRASE this time (and also *CURRENT-PROCESS*)
355 Added HUNCHENTOOT-MP package (suggested by Cyrus Harmon)
356 Only invoke MARK-AND-SWEEP for 32-bit versions of LW (thanks to Chris Dean)
357 Exported REASON-PHRASE
361 Added *APPROVED-RETURN-CODES*, *HEADER-STREAM*, and +HTTP-FAILED-DEPENDENCY+
362 Exported MIME-TYPE and SSL-P
367 Added +HTTP-MULTI-STATUS+
371 Fix test suite to properly handle non-base characters in LW (bug caught by Jong-won Choi)
375 Fixed last change (thanks to Marko Kocic)
379 Development port (no threads) to SBCL/Win32 (patch by Marko Kocic)
380 Support for compilation without SSL
384 Don't use NSTRING-UPCASE for outgoing headers (bug caught by Saurabh Nanda)
385 Changed ProxyPass example in docs from /lisp to /hunchentoot
389 Reset to "faithful" external format on each iteration (bug caught by Viljo Marrandi and Ury Marshak)
393 Accept chunked transfer encoding for mod_lisp request bodies (thanks to Hugh Winkler's mod_lisp additions)
394 Robustify against erroneous form-data submissions (caught by Ury Marshak)
398 Even more flexible behaviour of RAW-POST-DATA
402 More flexible behaviour of RAW-POST-DATA
403 Robustified PARSE-CONTENT-TYPE
407 More meaningful results for RAW-POST-DATA
411 Added favicon.ico to example website (thanks to Yoni Rabkin Katzenell, Toby, and Uwe von Loh)
415 Added Hunchentoot logo by Uwe von Loh
419 Exported symbols related to session GC (suggested by Nico de Jager)
423 Added *HANDLE-HTTP-ERRORS-P* (thanks to Marijn Haverbeke)
424 Remove duplicate headers when reading from mod_lisp
428 Fixed HEADER-OUT (thanks to Robert J. Macomber)
432 Fixed bug in START-OUTPUT which confused mod_lisp
436 Changed behaviour of REAL-REMOTE-ADDR (as suggested by Robert J. Macomber)
437 Fixed COOKIE-OUT (thanks to Robert J. Macomber)
441 Don't bind *DISPATCH-TABLE* too early (thanks to Marijn Haverbeke)
445 Fixed bug in AUTHORIZATION function (reported by Michael J. Forster)
449 Correct SSL check in REDIRECT function
450 LOG-MESSAGE now checks for (BOUNDP '*SERVER*)
454 OpenMCL fixes (by Ralf Stoye)
458 No timeouts for mod_lisp servers (as in Hunchentoot 0.3.x)
462 Fixed a typo in easy-handlers.lisp (caught by Travis Cross)
466 Ported to CMUCL, SBCL, OpenMCL, and AllegroCL
468 Tons of small changes, too many to list them individually
472 Uses TBNL's WITH-DEBUGGER now
476 Added *CATCH-ERRORS-P* (from TBNL)
480 Accept HTTP requests with chunked transfer encoding
481 Use Chunga for chunking
485 Skip START-OUTPUT advice completely if working for TBNL
489 Added write timeouts for LW 5.0
490 Updated LW links in documentation
494 Serves as infrastructure for TBNL now (to replace KMRCL)
495 For HTTP/1.1 only send 'Keep-Alive' headers if explicitly requested
499 Connection headers are separated by commas, not semicolons
503 Refactored streams.lisp to appease LW compiler (thanks to Martin Simmons)
504 Changed handling of version string
505 Changed package handling in system definition (thanks to Christophe Rhodes)
509 Removed KMRCL workaround
513 Mention TBNL version number in server name header
517 Fixed package stuff and HYPERDOC support
521 Initial public release
523 [For earlier changes see the file "CHANGELOG_TBNL" that is included with the release.]