Date: Thu, 31 Oct 2019 22:51:05 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 241630] [maintainer-update] www/wt update 4.1.2 Message-ID: <bug-241630-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D241630 Bug ID: 241630 Summary: [maintainer-update] www/wt update 4.1.2 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: ports-bugs@FreeBSD.org Reporter: info@babaei.net Created attachment 208750 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D208750&action= =3Dedit www/wt3 v4.1.1 to v4.1.2 patch file Release 4.1.2 (October 30, 2019) This release fixes the following issues: wthttp security issues: Wt internally used an SSL-Client-Certificates header to send client certificates to child processes when using dedicated process mode. It was however always accepted even when Wt was not behind a reverse proxy, and se= nt to child processes as-is. wthttp now correctly disregards it when not recei= ved from a reverse proxy. The header was also renamed to X-Wt-Ssl-Client-Certificates to clarify that it is a non-standard internal = Wt header. When using dedicated session processes with wthttp, the parent proc= ess would trust X-Forwarded-Proto and X-Forwarded-Port even when Wt was not configured to be behind a reverse proxy. These are now discarded. Fixed an issue raised on the forum causing WTreeView to not properly re= act to certain size changes. Fixed issue #7291: wtfcgi would not properly match default entry point Fixed a few issues found by clang-analyzer: Fixed an issue in WAnchor that would cause image() to return nullpt= r if it was provided in the constructor. Fixed WCssDecorationStyle self-assignment Made tests succeed even if Wt is built with ENABLE_UNWIND=3DON. issue #7292: OAuthService now correctly uses refresh_token instead of refreshToken Http::Client fixes: fixed issue #7272: support @ character in the path of a URL fixed 204 No Content response code behavior (would hang before, wai= ting for content) (issue #7273) More informative error and exception messages: QueryModel's "geometry inconsistent with database" exception now contains row and cache start and size information WebSession's "not serving this" info message contains more context = so it's less confusing Documentation fixes: The release notes for Wt 3.3.8 incorrectly referred to allowed-host= s, while this property is actually named allowed-origins Updated WLocale::setTimeZone() documentation --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-241630-7788>