view release on metacpan or  search on metacpan

Changes  view on Meta::CPAN

   - MP1: perltidy Apache::AuthCookie sources.
   - update mod_perl2 prereq version (still 2.0.0 RC5, but version number was
     incorrect in Makefile.PL)
   - use Dist::Zilla for building the dist

3.13  2010-04-12
   - removed: bad dist

Version: 3.12
   - Makefile.PL If no mod_perl version is found, just require mod_perl2.
     This makes sure that CPAN testers will get the right dependencies.
     way. Also set up PREREQ_PM properly for mod_perl version 1.

Version: 3.11
   - Fix tiny pod doc error.
   - Escape CR and LF in 'destination' field to prevent possible XSS attack
     [Steffen Schwigon]

Version: 3.10
   - Bug Fix: when copying user from prev request, check that $r->prev
     is defined, not just that $r->is_initial_request is true.

Version: 3.09
   - POD doc fixes.
   - MP2: remove _check_request_req() - this was only necessary when
     running under both MP1 and MP2.  Package name change eliminates the
     need for this.
   - test suite converted to Test::More style test suites.
   - descriptive test descriptions added
   - make login() stash credentials in $r->pnotes("${AuthName}Creds") so
     that the login form can access the user-supplied credentials if the
     login fails.
   - bug fix: use of Apache2::URI::unescape_url() does not handle
     '+' to ' ' conversion.  This caused problems for credentials
     that contain spaces.
   - MP2: remove mod_perl features from "use mod_perl2" line. This is 
     no longer supported by mod_perl2.
   - MP2: _get_form_data() - switch to CGI.pm to handle form data (fixes
     several form data handling bugs)
   - In a subrequest, copy $r->prev->user to $r->user (or r->connection->user 
     for MP1).
   - remove Apache2::AuthCookie::Util - no longer necessary
   - multi-valued form fields are now handled properly in POST -> GET conversion
   - MP2: require CGI.pm 3.12 or later

Version: 3.08
   - fix "authorize user" error log that was missing a debug level check
     (thanks Barry)
   - fix test cases 3, 6, 18 for Win32
   - clean up t/real.t

Version: 3.07
 *** mod_perl2 users: THIS RELEASE IS INCOMPATIBLE WITH PAST RELEASES    ***
 *** If you are running mod_perl2, you must update to at least           ***
 *** mod_perl 2.0.0 RC5.  The mod_perl2 version of AuthCookie has been   ***
 *** renamed to Apache2::AuthCookie                                      ***
  ** MP2: RENAME AuthCookie.pm.mp2 to Apache2::AuthCookie.
   - MP2: Update module, and tests for mod_perl 2.0.0 RC5.  mod_perl2 users
     MUST use Apache2::AuthCookie now.
   - Require Apache::Test 1.22
   - Add support for ${auth_name}SessionTimeout configuration paramter
     which will re-issue the ticket with the expires parameter set to the
     value of this configuration setting for each request.  This is useful for
     idle-timeout.
   - POD fixes.
   - MP2: fix uninitialized warnings if no POST/GET data (RT 11371)
   - make sure recognize_user() returns an Apache constant in all cases.
     Returns DECLINED in cases where we were returning undef before.
     (Thanks Vivek)
   - Add support for MS HttpOnly cookie property.

Version: 3.06
  ** BUG FIX: AuthNameSatisfy (Any|All) directives were broken. AuthCookie
     was using AuthCookieSatisfy rather than ${auth_name}Satisfy.  If you
     used this feature and had an "AuthCookieSatisfy" directive in your
     config file, you MUST change this to ${auth_name}Satisfy.
     E.g.: "WhateverSatisfy All"
   - created better test cases for AuthNameSatisfy directives.
   - when redirecting, set Location with headers_out() not err_headers_out().
     apache prefers Location in headers_out, even if the status code is not
     200.
   - MP2: Apache::unescape_url() -> Apache::URI::unescape_url()
   - check for mod_perl 1.9913 or later for Apache::URI (Frederick Moyer)
   - Remove set status in login.pl which caused malformed custom error
     document (Frederick Moyer)
   - Add support for ${auth_name}CookieName to change the name of the cookie
     used for each auth name.  Default remains ${auth_name}_${auth_type} if
     not set.
   - make some debug log_error() calls conditional on $debug

Version: 3.05
   - Fix POD documentation bug (thanks Steve van der Burg)
   - login(): set Location header with err_headers_out rather than headers_out
     (Casey West)
   - put cookie removal code in remove_cookie() method, put cache handling
     code in handle_cache() (Mark A. Hershberger)
   - reorganized tree to support multiple mod_perl versions.
   - rewrote tests to use Apache::Test framework from CPAN.
   - fix POD errors in authorize() documentation.
   - initial support for mod_perl version 2
   - mp2: check for Apache::RequestRec arg so that unported subclasses
     throw exceptions.

Version: 3.04
   - add _convert_to_get() to login_form(), and make POST -> GET conversion
     skip credentials and destination data so only extra data is copied. This 
     ensures that "destination" wont contain the login data.

Version: 3.03
   - various POD typos fixed (Eric Cholet)
   - Add support for ${AuthName}P3P which will set up a P3P header that will
     be sent with the cookie.
   - fix undefined warning in _convert_to_get (David K Trudgett)
   - fix potential cookie clobbering if cookie was set in earlier handler
     phase in send_cookie() (Carlyn Hicks).
   - various undefined value warnings eliminated

Version: 3.02
   - Add support for AuthNameSatisfy directive (can be Any/All, default: Any)
   - Move cookie path setting into get_cookie_path() so that users can
     overload this function if they desire (Thanks Raj Chandran)