home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
OS/2 Spezial
/
SPEZIAL2_97.zip
/
SPEZIAL2_97.iso
/
ANWEND
/
ONLINE
/
SREFV12J
/
CHANGES.DOC
< prev
next >
Wrap
Text File
|
1997-09-21
|
47KB
|
969 lines
20 September 1997.
This document contains a history of changes to SRE-FILTER, starting
from version 1.2d. Older changes (from version 1.11 to 1.2d)
are documented in CHANGES0.DOC (CHANGES0.DOC can be found at
http://rpbcam.econ.ag.gov/srefilter/changes0.doc)
Please note that as of this writing the SRE-Filter is at version 1.2j
(sub version .997c). Please keep an eye on the SRE-Filter home page
for updates (http://rpbcam.econ.ag.gov/srefilter).
You may also want to examine the documentation files, including:
The user's guide: GUIDE.HTM.
A "frequently asked questions" file: SREFILTR.FAQ.
An outline of how SRE-Filter works: OUTLINE.HTM.
The SRE-Filter manual: SREFILTR.HTM.
A detailed description of initialization parameters: INITFILT.DOC.
------------------------------------
Changes from ver 1.2d to 1.2e:
HTACCESS support added:
Addition of support for directory-specific access controls (and
redirection) using HTACCESS files (using code adapated from the
GOHTTP filter, courtesy of D. Meyer).
For further details, see the description of the HTACCESS_FILE and
DO_HTACCESS variables in INITIFLT.DOC
One fringe benefit of HTACCESS support is that the SHOWDIR dynamic
directory list processor can now be used with SRE-Filter -- see
SHOWDIR.DOC for details.
NOTIFY method of redirection added:
Addition of a !NOTIFY method of redirection (client is informed of the
move, but is not actually redirected).
Best matching is used (instead of first matches):
When searching access controls, virtual directories, aliases, and the
various other .IN, .CNT, and .CTL files: SRE-filter will now use a "best
match" criteria, rather then a first match criteria, when choosing
between wildcard matches (exact matches still have priority).
User defined MIME types:
You can now define your own MIME media types using the MEDIATYP.RXX file.
Furthermore, you can define your own "SHTML" (server side include
permitted HTML files) extensions by modifying the SSI_EXTENSIONS variable.
--------------------------------------
Changes from 1.2e to 1.2f (up to 24 Sept 1996)
Configurator improvements:
A number of changes were made to the "Initialization Parameters" portion
of the configurator (in addition to earlier changes to the "parameter
files section). The most important change is that you can now use the
configurator to modify "host specific" parameters en masse.
Almost all initialization parameters can be host specific.
The naming convention has been standardized (NAME.HOST_NICKNAME or
NAME.n.HOST_NICKNAME). Note that the OWNERS, PUBLIC_URLS, INHOUSEIPS, and
UNALLOWEDIPS parameters must be host-specific (non host-specific values
will NOT be used as defaults for these four parameters).
The configurator can now be used to view and modify HTACCESS files.
Enhancements to file upload capabilities:
The GET_URL and PUT_FILE "file upload" methods are no longer limited to
the UPLOAD_DIR directory. The client can now specify a directory (using
a URL-like syntax, i.e.; DIR1/foo.bar) of the UPLOAD_DIR. Furthermore,
the "subdirectory" portion can map to a virtual directory -- for example,
DIR1/ may map to D:\NOTWWW\OURDIR\.
As a security feature, uploads to "virtual directory" require
that this virtual directory (i.e.; DIR1/) have a PUT permission assigned
to it (using the ACCESS_FILE).
Addition of a simple load balancing feature:
You can implement a simple form of load balancing by changing
a few parameters in the SREFILTR.80 file. See the discussion of the
LOADTHRESHOLD variable in INITFILT.DOC for details.
Improvments to the FIX_EXPIRE parameter:
The FIX_EXPIRE parameter (for suppressing "immediate expiration")
now applies to GETAFILE, DOSEARCH, and CGI-BIN requests (as well as
documents cnotaining server side includes).
Changes to the post-filter capability:
You can now call a series of Post-filters (instead of just one).
The Post-filters are now passed the name of the fully qualified file
used in the request (either a document name, or the name of the CGI
script or external REXX procedure used in a server side processing
request).
The "used file" is now passed to the client. This may be the
name of the file transfered (such as an HTML or GIF file),
the name of the CGI-BIN script executed, or the name of the
external REXX procedure executed).
POSTRCRD.80, A simple "client information recorder" post-filter,
is not packaged with SRE-Filter. POSTFILT.80 is now just a simple
example, with POSTMAIL.80 now containing the "e-mail alert" procedure.
Changes to public_urls:
When determining which of several wildcard matches to PUBLIC_URLS should
be used, a "best match" is used rather then a "first match".
On multiple-host servers, only PUBLIC_URLS specifically listed for a
(defined) host are used (that is, the non host-specific PUBLC_URLS are
NOT used as defaults).
There is now a more forgiving method of responding to "literal"
PUBLIC_URLS that point to aliases. Before, requests that matched
these "improper" literal public_urls resulted in "no such document"
responses. Now, SRE-Filter will ignore the "literal", and treat
the request like a normal PUBLIC_URL (that is, alias matching
will be attempted).
Logon bug fix:
Repaired a bug that, under unusual circumstances, allowed a client
to logon by using a blank username and password.
-------------------------------------------------------
Changes from ver 1.2f to ver 1.2g.
!DIRECTORY option added to AUTO_NAME.
!DIRECTORY and !DIRECTORY* are now synonyms for !CREATE and !CREATE*.
Fixed uninformative "not found document" message:
When using the !CREATE "auto name" option, if the requested directory did not
exist, a too-simple "Unavailable" message was returned. Now, the standard
"document not found" message will be returned.
Not found response can now point to a file:
You can now return a customized document (rather then a simple text string)
whenever a request for a non-existent resource occurs. See the
the discussion of the NOT_FOUND_RESPONSE variable (in INITFILT.DOC)
for details.
Timefmt NSCA HTTPD directive brought up to spec:
The timefmt NCSA HTTPD "server side include" directive is now fully
supported by SRE-Filter -- all dates in the NCSA HTTPD style server
side includes will now follow the rules set in timefmt directives
(with a default of '%c'). For details on the timefmt directive,
see TIMEFMT.DOC. Note that the "native" SRE-Filter time and date
server side includes are not effected by timefmt (basically,
a %c equivalent is used; i.e.; 13:01:33 27 August 1988).
DNS_CHECK bug repaired
DNS_CHECK failed to work. It has now been fixed.
Restructuring of code:
A minor restructuring of code to shrink the size of the filter (but
expand macrospace) should help speed things up (a bit) under load.
Best match improvement:
Best match will now consider the "length of the string after the *"
when comparing "best matches" that are otherwise equivalent (see
INITFILT.DOC for details).
Message box facility improved:
The simple message box facility (MESSAGE, ASKMESSBOX, and VIEWMESS)
has been upgraded. Of greater interest, a new "multi-
threaded forum" facility has been added. This uses REXX procedures
and server side including HTML documents, in conjunction with
SRE-Filter message boxes, to implement a basic multi-threaded
forum using a "news reader" type interface. See FORUM.DOC for details.
Note that MESSBOX specific privileges (possibly wildcarded)
are now required to access message boxes (either through the
MESSAGE or FORUM).
A "list server" like facility added:
Complementing the improved message boxes and the FORUM facility,
READMAIL and MAILLIST, two "list server" like facilities, have been
added. READMAIL (and MAILLIST) will read e-mail messages stored in an
inbox (say, as written by SENDMAIL), and place the contents of these
messages into a SRE-Filter messagebox OR rebroadcast the
message to a list of users. See READMAIL.DOC for details.
Fixed an occasional bug in the INTERPRET and SELECT keyphrases:
A problem when setting INTERPRET.RESULTS or SELECT.RESULT has
been fixed. In addition, you can now return results to
the SELECT keyphrase by including RETURN 1 or RETURN 0 in your
"REXX code block" (rather then setting the value of SELECT.RESULT).
Similarly, use of QUEUE statements, in addition to setting the
value of INTERPRET.RESULTS, is supported for the INTERPRET keyphrase.
An example of how to set up a simple, 3-tiered site:
See INITFILT.DOC for a description of how to efficiently setup a
3-tiered site: with directories et al that provide unmonitored public
access, monitored public access, and controlled access.
Fixed a bug with the HOSTS. variables:
Requests directly to a numeric IP address, rather then a name,
were mishandled when a HOST: request header was present. This has
been fixed.
Add COUNTS_FILE and HITS_FILE server side include options:
COUNTS_FILE and HITS_FILE are equivalent to the COUNTS and HITS
options of the REPLACE ssi keyphrase. The difference is that
the fully qualified file name is used, rather then the request string
(the URL).
RECORD_OPTION can now "record by file":
You can tell SRE-Filter to record all requests by file name,
rather then by URL (this is the RECORD_ALL_FILE equivalent to
COUNTS_FILE and HITS_FILE) -- see the description of RECORD_OPTION
in INITFILT.DOC for details
A bug when "aliasing" CGI-BIN scripts has been fixed:
The use of aliases to redirect CGI-BIN requests to scripts, in
directories other then CGI_BIN_DIR, malfunctioned when the
request was of the form CGI-BIN/ASCRIPT?wow (where ASCRIPT
was an alias to some directory).
A syntax for indicating the directory of a CGI-BIN script:
When the CGI-BIN/ sub-string apears after some subdirectory information
(for example DADSTUFF/SCRIPTS1/CGI-BIN/ascript?anargumemt),
SRE-Filter will use that "pre CGI-BIN/" information as a pointer to
the directory containing the script.
Note that this may be under the CGI_BIN_DIR, or may be a virtual
directory (i.e.; D:\GOSERVE\CGI-BIN\DADSTUFF\SCRIPTS1\)
NO_SSP permissions were not applied to CGI-BIN scripts:
CGI-BIN requests took place, even if a NO_SSP permission applied.
This has been fixed (this is now an important feature, given
the "non-spec" virtual directory method mentioned above).
Adding the "username" to the privilege list:
SRE-Filter will now add the users "logon name" to her
privilege list (this can be suppressed). This can be useful,
when combined with URL-specific access controls, as a means
of providing individualized access.
PUBLIC_PRIVS added to privilege list of PUBLIC_URLS:
The RECORD_ALL_FILE can now be cached:
To cut down on the number of disk writes, the RECORD_ALL_FILE
is now cached. To modify, or turn this caching on, set the
RECORD_CACHE_LINES variable in SREFILTR.80
A "just read" documents list can now be used to suppress hit augmenting:
To cut down on false hits (i.e.; from people "backing up" to a
document), SRE-Filter can maintain a "suppress recent hits list".
To turn this feature on, see the HIT_CACHE_LEN variable in
INITFILT.DOC.
Minor modification to range retrieval:
Range retrieval now understands the If-modified: and Umless-modified:
request headers. Note that the If-Invalid: and If-valid: headers
are ignored.
Changes to the USETABL2.RXX "interpretable" file:
The list of "table capable" and "table incapable" browsers has been greatly
expanded. Also, a bug that could crash GoServe has been fixed
(if the user-agent was unknown, an EXIT command resulted, which crashed GoServe).
Changes to PUBLIC_URL processing:
* If a literal public_url was specified using an "exact name" that
contained a * wildcard, the appropriate file match was not performed,
and a "not found" message was returned. This has been fixed.
* The PUBLIC_PRIVS are now used as the privilege list for
request for PUBLIC_URLS. Note that this can be useful when
using a PUBLIC_URL to invoke the FORUM or MESSAGE facilities
(i.e.; include a MESSBOX:PUBFORUM in your PUBLIC_PRIVS list).
* PUBLIC_URLS may have a NORECORD attribute (in addition to
the LITERAL and LITERAL_NORECORD attribute). T
* The "exact names" in literal PUBLIC_URLS with "exact names" can
now contain a * wildcard character (SRE-Filter will make the
appropriate substituttion.
---------------------------------------------
Fixes to ver 1.2g.
10/28/96
* Post-filter routines now are given the value of the "referer" request
header. See POSTRCRD.80 for an example of how this is used.
10/30/96
* The "PASSWORD" field in SRE-Filter message boxes was inadvertently
set when no explicit password was given. FORUM would then accept
a blank password as a legitimate match. This has been fixed.
10/31/96
* A HIT_SUPPRESS_OWNERS variable, when set to 1, will instruct
SRE-Filter NOT to record requests from OWNERS.
For details, see the description of the HIT_SUPPRESS_OWNERS
variable in INITFILT.DOC.
* You can now "chain" pre-filters. For details, see the descripiton of
PREFILTER_NAME in INITFILT.DOC.
11/01/96
* The GETAFILE facility was been upgraded:
A suppress TABLE border option has been added
The SHOWDATE=YES option of GETAFILE now shows dates using
15 Nov 1995 format (if you want to display dates using a
11/15/95 format, use SHOWDATE=YES_SHORT).
See SREFILTR.HTM for details.
11/03/96
* The INTERPRET FILE keyphrase can now include arguments, which
will be available to the "interpreted" REXX file. See
SREFILTR.HTM for details.
* The "resource privileges" list can now contain two types
of privileges -- ANY_ONE and MUST_HAVE; where ANY_ONE are
"or" conditions, and MUST_HAVE are "and" conditions.
See SREFILTR.HTM for details.
* A dynamic (and short lived) privilege can be assigned to
clients (using their IP address). This can be used to restrict
access to files to those going through "proper" procedures.
Furthermore, creation of these dynamic privileges is easily
accomplished by invoking the ADDPRIV.RXX add-on in an INTERPRET FILE
keyphrase. See ADDPRIV.DOC for details.
* A LOGON_LIMIT number of "logons" can be enforced per client per minute.
* If LOGON_FAIL_FILE is set, a custom written "logon-failure" response
file can be sent instead of a plain "401 Unauthorized" response.
See the discussion of the LOGON_FAIL_FILE variable in INITFILT.DOC
for details.
11/07/96
* If the client does not have "URL-specific" access, an ACCESS_FAIL_FILE
can be sent.
* A "access failure file" field has been added to the ACCESS_FILE.
If present, it overrides the value of ACCESS_FAIL_FILE.
See the discussion of the ACCESS_FAIL_FILE variable in INITFILT.DOC
for details.
* The SRE-Filter configurator has been modified to recognize thie
"access failure file" field in the ACCESS_FILE.
11/08/96
* The OWNERS variable was not being recognized.
The HIT_OWNER_SUPPRESS variable was not being acted on.
Both of these bugs have been fixed. Note that in all likelihood,
these bugs were introduced around Nov. 3.
11/10/96
* A NO_INTERPRET_CODE parameter can now be set; it instructs SRE-Filter
to suppress SELECT and INTERPRET CODE server-side-include keyphrases.
In addition, an equivalent "NO_CODE" permission can be set on a
"URL-specific" basis. Note that this is a subset of NO_PROCESSING
and the NO_SSP permission -- it provides some protection against
ill-mannered users, without quashing all server-side includes and
processing.
* The ACCESS_FAIL_FILE and LOGON_FAIL_FILE are now set in INITFILT.80
(rather then in SREFILTER.80).
11/12/96
* You can tell SRE-Filter to save "request specific" information
to a temporary file. This information can be used by external
procedures, AND by post-filter actions. See the description of
the SAVE_STATE variable (in INITFILT.DOC) for details.
* To support the above, SRE-Filter now passes the "thread-id"
of the request to the post-filter processor.
11/14/96
* A "web page counter", COUNTER.RXX, is now included. COUNTER.RXX has
a number of options, including the ability to save information on
each request. See COUNTER.DOC for details.
* The SENDFILE facility can use COUNTER.RXX (rather then the simpler
default). See SREFILTR.HTM for details.
11/16/96
* When using the LOGON_FAIL_FILE, Netscape would not display the response
(due to faulty response code). This has been fixed.
* The error message when attempting to SENDFILE a non-existent file
was uninformative. This has been fixed. SENDFILE will also
note (if COUNTER= is used) failed attempts.
11/17/96
* Modified the various *CFG.CMD files (the configurator procedures)
to permit remote access by clients with SUPERUSER privileges.
* The "own name" privilege was being added to the client privilege
list, even when ADD_USER_NAME='NO'. This has been fixed.
11/19/96
* Minor modifications to FILTINST.CMD.
* Created SREF_WRITE_STATE -- the complement to SREF_READ_STATE
(used for writing to the "thread specific" cache)
* If SAVE_STATE=1, the SENDFILE facility will write the bytes sent
and the bytes in the file to a SENDFILE_STATUS variable in
the "thread specific" cache
* CGI-BIN calls are given two additional (SRE-Filter specific) variables:
CALLER_THREAD (useful if you want to use SREF_WRITE_STATE) and
SCRIPT_DIR (the directory the of CGI-BIN script being executed).
In addition, TEST-CGI.CMD has been modified to display these
"environment variables".
11/21/96
* The OWNER_SUPPRESS feature of COUNTER.RXX did not work, when called
as a procedure. This has been fixed.
* The "#config sizefmt=xxx" server side include directive
was not spec. This has been fixed: fractions are not used
when sizefmt=abbrev, and commas are inserted when sizefmt=bytes.
* COUNTER.RXX can now generate simple "odomoeter" style graphical
counters, when called as an in-line image (it uses Don Meyer's
XCOUNT.CMD code).
11/23/96
* On GET method requests that invoke an external procedure to
perform "server side processing": the LIST variable (consisting
of items following a ? in the request string) is url-decoded
url-decoded -- the documentation (SREFILTR.HTM) had claimed that
it was not!
Note that in some cases it's best to use the URI argument, which
will contain the original request string.
11/27/96
* The RESPONSE_FILE option of the MESSAGE facility did not work.
This has been fixed.
* A simple means of "limiting" the scope of virtual directories
has been added. See the "sample" VIRTUAL.IN file for details.
* A few options have been added to GETAFILE, including a "standard"
mode (where you specify just the subdirectory) that yields
a standard tabular display of icon, name, date and size.
See GETAFILE.HTM for details.
12/01/96
* The installation procedure has been moderately reworked. It now
gives you the opportunity to set a few of the more commonly
used parameters.
* A bug that rendered GETAFILE useless, introduced sometime between
11/27 and 12/01, was repaired.
* The various .CMD files now give coherent error messages if accidentally
run from the command line (rather then called as external procedures
by SRE-Filter).
12/09/96
* The AUTO_HEADER would occasionally add a second : to http-equiv
generated response headers. This has been fixed.
----------------
On 12/31/96, a new version of SRE-Filter was released (SREFV12H.ZIP).
This incorporates all the above changes, plus the following.
Changes from 1.2g to 1.2h
* User specific "web" subdirectories of the HOME_DIR can now be
specified by including a $ in the HOME_DIR parameter.
* The HOME_DIR replacment for ~ could not be used with AUTO_NAME
construction. This has been fixed (HOME_DIR replacement now
occurs before AUTO_NAME construction).
* The FORUM, READMAIL and MAILLIST facilities are no longer
packaged with SRE-Filter. Instead, they are available as
add ons.
* A web based BBS add-on is now available for SRE-Filter.
* The MAILLIST add-on can now be instructed to forward unused mail
(mail NOT to one of the listed "forums") to an alternative
mail box directory. Furthermore, a special .UML file can be created
for use by UltiMail.
* !DIR, a new "directory lister" has been added to SRE-Filter.
The !DIR facility largely replaces the GETAFILE external
procedure; it is used when a !CREATE option appears in the
AUTO_NAME variable.
To control the format and content of the directory listings
created by !DIR, two new variables have been added to
INITFILT.80: DIR_OPTIONS and DIR_EXCLUSION
Furthermore, !DIR will cache it's output, and use the cache
when appropriate. This can substantially improve performance,
especially when you are using "automatic descriptions".
For more details on the !DIR facility, pless see DIR.DOC.
* GETAFILE is now available as an add-on.
GETAFILE has a few new features, including:
* the ability to use "one line per file" description
files (these are more standard then the "block delimited"
files used by earlier versions of GETAFILE).
* the ability to automatically generate a description for
HTML, Text, and .ZIP files
* the ability to "expand" .ZIP files, and to extract files from
.ZIP files
Note: the !DIR built-in facility also has the first two of these
features (but NOT the .ZIP file expansion capability)
* Several new special "directives" have been added:
!SENDAS_MIMETYPE_SUBTYPE -- forces server to use a particular
mime-type/subtype
!DELSEND -- Sends, and then deletes, files from the
TEMPFILE_DIR directory.
!FORCE -- Used in LOGON_FAIL_FILE s to "force" a logon.
It also can be used to "suppress the SSI-CACHE",
* The SRE-Filter configurator has been substantially re-done.
There is now a "simple" mode configurator, as well as the
older "intermediate" mode configurator. As part of this process,
the FILTINST.* files have been renamed. If you use the
defaults to install SRE-Filter (ver 1.2h), you can invoke
the configurator by pointing your browser at
http://your.server/CONFIGURE
* The CACHED_FILES parameter has been dropped.
* A seperate "thread" has been added to handle the "SSI-Cache".
The SSI-Cache is used to cahce html documents which contain server
side includes.
SSICACHE.HTM contains a description of how "SSI-caching" works,
and how you can configure it.
* If the HEADER.1 parameter begins with a <BODY>, it will replace the
first <BODY> element (rather the follow it).
* Self-recursive (hence infinite) server-side includes are now trapped.
* Several new documentation files have been added, including GUIDE.HTM --
a guide to the features of SRE-Filter (it complements SUMMARY.HTM).
1/14/97 -- Version 1.2g.113
* Several small bugs in the SSI-caching algorithim were fixed (?OPTIONS
#FLASTMOD, and #FSIZE were not being replaced)
* The CONFIG2.CMD "intermediate configurator" returned a "Sorry"
message if the client did not have SUPERUSER privileges. It will now
challenge the client for username/password.
* STATUS.CMD will now report on the number of !DIR and SSI-Cache
files. It can also be instructed to "clear the !DIR cache".
STATUS.HTM has also been upgraded -- it now has
several other "configuration and status" options
* A "install code only" option has been added to the INSTALL program
(this should be useful to upgraders).
1/18/97 -- Version 1.2g.118
* Modified the access_fail_File feature to facilitate "dynamic
privileges" (a value of 1, and -1, now have special meanings)
* A few new add-ons are available (_COMMAND and SREFANIM).
* A new special command, !AUTHORIZE, has been added. When issued,
SRE-Filter will send back an "authorization" request (this is
intended for administrator use).
* The WRITE_TO_FILE option of the MESSAGE facility did not understand
y or yes (lower case). This has been fixed.
* A REDIR option is now available for the NOEXT_TYPE parameter -- it is
similar to DIR, but will redirect the client before attempting to
resolve the directory specific name.
1/23/97. Version 1.2h.123
* A MULTI_SEND option has been added to the DIR_OPTIONS parameter.
It instructs !DIR to send "status messages" to Connection:Keep-Alive
capable browsers.
* SREF_MULTI_SEND, a new procedure to facilitate multiple part documents,
has been added to the SRE-Filter macrospace library.
* The _COMMAND add-on would crash under Merlin when input was expected.
This has been fixed.
1/25/97. Version 1.2h.1.25
* Fixed several bugs:
i) SENDFILE did not include a content-length header: netscape
would show NO status information during downloads. This
has been fixed.
ii) PUBLIC_URLS that began with a / did not match otherwise
equal request strings. Now, leading / and \ are stripped.
* The documenation was edited again (and not for the last time)
2/09/97. Version 1.2h.209
* Fixed several bugs:
i) The !DIR facility did not properly deal with files that had
no extension.
ii) The AUTO_DESCRIBE=0 and DESCRIBE=0 "request string" options of
the !DIR facility did not work.
iii) The DIRINFO.RXX "interpretable" file returned incorrect results.
iv) The #CONFIG NCSA SSI directive was being improperly cached.
* Fixed a bug caused by an incompatability between the Toronto Virtual
File System and REXX. This bug caused incorrect output from the
!DIR facility (and add-ons that used the SYSFILETREE procedure). Work
arounds for this have been put into place.
----------------
On 5 March 1997, a new version of SRE-Filter was released (SREFV12I.ZIP).
Changes from 1.2h to 1.2i (other then various bug fixes, mostly dealing
with proper detection of post-filter suppression)
* STATUS.HTM has been upgraded (it now contains a number of configuration
links).
* New options added to the ACCESS_FAIL_FILE parameter
* A REDIR option is now available for the NOEXT_TYPE parameter --
it cause a redirection back to xxx/yyy/.
* A MULTI_SEND option has been added to the DIR_OPTIONS parameter.
It instructs !DIR to send "status messages" to Connection:Keep-Alive
capable browsers.
* SREF_MULTI_SEND, a new procedure to facilitate multiple part documents,
has been added to the SRE-Filter macrospace library.
* A "change the configurator background colors" facility is now built into
the configurator
* A special environment variable, SREF_PRIVSET, has been added to the CGI-BIN
enviornment variables. Similarly, PRIVSET is now added to the SAVE_STATE
"thread specific cache"
* SRE-Filter will now record requests in a common-log audit file (as
well as record browsers and referers in seperate log files).
* Several new add-ons are now available (including an updated search
engine facility).
* The documentation was put through a heavy edit. Besides a lot of
new and revised verbiage, be aware that some of the terminology
has changed. In particular:
the term "URL-specific" has been changed to "SEL-specific", and
"requested URL" has been changed to "request selector"
(it still leaves something to be desired, but it's more technically
accurate)
* The SREFQUIK variant was improved: a few bugs fixed, a new option to
control "post-filtering", and much better documentation (SREFQUIK.DOC).
* You can now "suppress hits" from supersers, as well as owners
(see the description of HIT_SUPERUSER_SUPPRESS in INITFILT.DOC).
* A new set of "advanced options" can be enabled on a "SEL-specific"
basis. These include pre-file-transfer execution of an external
REXX procedure, customization of the response headers, and
selective suppression of server side includes (see ADV_OPTS.DOC for
details).
* A few of the less frequently used SRE-Filter facilities (such as PUT
request processing) were not properly interpreting the "homename" variable.
This has been fixed.
* The #INCLUDE and INCLUDE ssi-keyphrases are now slightly different ---
INCLUDE will check for "recursive includes", #INCLUDE will not. Since
a very simple recursive-file checking algorithim is used, INCLUDE will
only let you include a file ONCE -- if you want to include a file
twice (say, a button bar list at the top and bottom of your document), use
#INCLUDE.
3/18/97
* The "username" feature of the "nologs" option for suppressing
common-log audit file entries was not working (it has been fixed).
* The !DIR directive now understands the * wildcard character.
3/21/97
* The intermediate configurator "over-refreshed" (when a back button
was pushed). This has been fixed.
3/22/97
* A new option, NOREFERERS, has been added to the SREFLOGS.INI file
* An advanced Status facility (NUSTATUS) is now available.
3/25/97 --- Version 1.2i.325 released.
* Several bugs relating to the use of INHOUSEIPS. were fixed. In addition, you
can now use * in IP names with INHOUSEIPS. parameters.
* CERN imagemaps are now supported (as well as NCSA imagemaps). See
the NCSA_ISMAP and CERN_ISMAP parameters (in INITFILT.DOC) for details.
4/01/97 --- Version 1.2i.401 released
* Documents containing SELECT ssi-keyphrases will now be cached.
* FREEUP procedure has been simplified and fixed.
4/02/97
* COUNTER.RXX failed when used as an "INTERPRET FILE" keyphrase. This has been
fixed.
4/03/97
* SRE-Filter would crash when a very long request string was recieved,
common-log audting was on, and VERBOSE>0. This has been fixed.
4/06/97 -- Version 1.2i.497a release (note change in version numbering scheme)
* Minor improvements to the RECORD_ALL_FILE caching algorithim.
* Added a "save total bytes and bytes sent" option to COUNTER.RXX. Also
a minor edit of COUNTER.DOC.
* Minor changes to SREFMON.CMD (corrected some low probability bugs).
* Minor changes to GETAFILE add-on.
* Due to minor format misspecification, common-log files were not being read by
several log-audit tools (such as GETSTATS and ANALOG). This has been fixed.
4/15/97
* Minor changes to COUNTER.RXX: fixed some small bugs. More importantly,
add a DURATION option (for reporting number of hits in last "duration" days).
* When a !SENDAS_x_y requeset string (without anything after the "y") was recieved,
SRE-Filter would CRASH. This has been fixed.
4/17/97: Version 1.2i.497b release
* When host specific parameters were commented out, they were not being removed from
the SRE-Filter environment. This has been fixed.
* You can now redirect a DEFAULT, by entering the full URL (this is mostly useful
if you have multiple hosts).
4/22/97
* The intermediate configurator failed to save the DO_HTACCESS variable. This has
been fixed.
* A "shut down and restart GoServe/SRE-Filter remotely" add-on is now available.
5/01/97 : Version 1.2i.597a released.
* Fixed a few bugs related to access control:
i) Headers sent after closing connection,
ii) SELECT keyphrases failed when !FORCE used.
* A new "run scheduled events" option has been added. See the description of the
SCHED. options in SREFLOGS.DOC for details (and see the RENLOGS.CMD
program for an example of a scheduled program, it is used to rename your log files).
* SRE-Filter would crash when a TZ= variable (for time zone specification) was not
specified in CONFIG.SYS. This has been fixed.
5/03/97:
* The "recent hit's cache" is no longer stored in the environment. Instead, a
special "variable storage" SRE-Filter thread is used. Operationally, this means
that "5K" suggested size (yielding about 100 hits) is no longer operational. Instead,
a recommended size of 500 to 1000 is recommended (i.e.; the value of
HIT_CACHE_LEN should be changed from 5 to 500).
* A new "clientname" cache has been implemented. This is used to avoid
calls to the DNS. Note that the "variable storage thread" is used, with
a limit of about 800 entries (with a one hour duration).
* Fixed a mild bug in COUNTER.RXX (counts in "last n days" was one too large).
5/06/97:
* Fixed a mild bug in COUNTER.RXX (that caused the WRITE_USERS=0
option to be ignored).
------------
On June 9, a version 1.2j.697c, was released, (SREFV12J.ZIP).
Changes from ver 1.2i include:
* SREFAST, a "small and fast" variant of SRE-Filter is now available.
It's a more flexible alternative to SREFQUIK, but requires a fair amount
of configuration. See SREFAST.DOC for details.
* For aesthetic and security reasons, SRE-Filter now stores configuration
procedures, "addons", and INTERPRETable .RXX files in an ADDON_DIR directory.
That is, it no longer uses (by default) the "GoServe working directory".
Upgraders should modify INITFILT.80 accordingly -- you may also want to
remove duplicate versions of these procedure (the INSTALL program
contains additional details).
Some older versions of SRE-Filter addon's might not run
properly with this ADDON_DIR feature. You can either
download the latest versions of the addons, or you can
sacrifice a little bit of security by setting ADDON_DIR
to equal the GoServe working directory.
* To avoid problems with changing default directories when running external
procedures, SRE-Filter will load, call, and then remove procedures from
macrospace. This should eliminate some occasional problems that can occur
on busy sites, but might slow things down a bit.
In addition, a new set of parameters, KEEP_ADDONS.n have been added
to INITFILT.80. These (which can only be changed by hand) can be used
to specify "add-ons" to retain in macrospace -- which should lead to
much quicker loads (see INITFILT.DOC for details).
* As a security measure, you can now specify a DIR_ACCESS and DIR_ACCESS_PRIVS
parameters. These are used by !DIR and GETAFILE to suppress display of
directories. INITFILT.DOC and DIR.DOC contain a further discussion.
* A "multiple" wildcard algorithim is now used in ACCESS control
(ALL_FILE.CTL) and aliasing (ALIASES.IN).
Thus, entries of the form /SCHOOL/*/FACULTY/*/PERSONAL are
allowed. For example, this would match:
/SCHOOL/PEOPLE/FACULTY/JONES/PERSONAL).
See SREFILTR.FAQ for details.
* The browser log can now produce GoHTTP style, or Apache style, output.
In addition, a "combined log" can now be produced.
* Fixed some mild bugs in HTTPD-style server side includes
* The simple configurator set CHECKLOG='YES', instead of CHECKLOG='ALWAYS'.
This has been fixed.
* The POSTMAIL.80 "e-mail event alert" post-filter procedure had several bugs
that rendered it flakey. These have been fixed.
* INTEPRET keyphrases that issued completion codes (such as 'VAR xxx ')
would cause inappropriate errors to be written to the GOAUDIT.80
log file. This has been fixed (an example of this occured when
TESTTABL.HTM was called by an unrecognized browser).
* When a download was aborted by the client, the commonlog recorded
the file size as the number of bytes sent. This has been fixed.
* Several changes were made to CGI-BIN; with the goal of compatability
with ICS and NCSA servers. A new parameter (EMPTY_PATH_OK) can
now be set to control which "flavor" of CGI-BIN to emulate
(ICS/NCSA or GOHTTP).
* Several improvements were made to COUNTER.RXX. Of especial interest,
COUNTER.RXX can now be used to create counters with "fancy digits".
* DEFAULT can now contain several possible file names; they will
be looked for in order.
6/20/97 : ver 1.2j.697g
* Several improvements to SRE-Filter's exception handling.
* A modification to SRE-Filter's use of macrospace to run addons was
made -- refreshes of procedures will occur only if no other clients
are active (problems were occuring when simultaneous request for
server side processing occured)
* FIX_EXPIRE now works with CGI-BIN output.
* A "gif text" generator addon is now available (it's used exposed
the problem listed just above).
* A !RUN special command can now be used to expedite processing of
SRE-Filter addons that you reference with a KEEP_ADDON. entry.
6/24/97: ver 1.2j.697i
* GET selectors can now contain spaces (i.e.; /MYSTUFF/FOO%20BAR.HTML )
that refer to long filenames that contains spaces.
* More improvements to SRE-Filter's exception handling.
6/25/97: ver 1.2j.697j
* Fixed an error with the SSI-Cache. This error often manifested itself
when using INTERPRET keyphrases.
6/29/97: ver 1.2j.697k
* To avoid conflicting with the FILEREXX library, the FILEREAD procedure
from REXXLIB is now loaded with the name SREF_FILEREAD.
All references to FILEREAD have been recoded to SREF_FILEREAD
(except the addons, they were not modified).
* Instead of using PMPRINTF, SRE-Filter uses "PMPRINTF_SREF".
In addition to preventing some fatal errors, you can control PMPRINTF_SREF
output with the PMPRINTF_OPT parameter (in srefiltr.80).
7/03/97: ver 1.2j.797a
* Fixed a small bug in !DIR; !DIR?/ would not work it the
data directory was a root drive (such as G:\).
7/06/97: ver 1.2j.797b
* PMPRINTF output now handled by a seperate thread-- this thread
will lazy write output (by default, every 1.3 seconds)
Note that "addons" still call pmprintf.
* Minor edit of several documentation files
* The "auto_name" portion of the simple configurator was upgraded.
* When CGI-BIN scripts were invoked via a DEFAULT or an alias,
information was not being properly processed. A fix has been
applied; but to be safe, we recommend using "external redirection"
to invoke CGI-BIN scripts (instead of internal redirection).
* !DIR was not handling no-extension files properly. This has been
fixed
7/07/97: ver 1.2j.797c
* A stand-alone "SREFILTR.80" editor (EDITSREF.CMD) is now
included (it's especially useful for remote, TELNET, configuration).
This required minor changes in the user-configurable parameters
section of SREFILTR.80
7/08/97: ver 1.2j.797d
* Fixed a problem with the ACCESS_FAIL_FILE and LOGON_FAIL_FILE
#LINK option -- NetScape would go into an endless loop
(solution involved changing !FORCE? to !FORCE/)
* A rare bug inthe PMPRINTF thread" was fixed (occured when
a %ab was written).
7/10/97: ver 1.2j.797e
* Fixed up the LOGON_FAIL_FILE and ACCESS_FAIL_FILE -- these
files will now be displayed if the client immediately cancels
(previously, one attempt was required).
7/11/97: ver 1.2j.797f
* Fixed a problem with FIX_EXPIRE and CGI-BIN scripts (content-type
was not being properly returned for non-html files
* Added a "send CGI-BIN output as is becomes available" options.
See the discussion of the CGI_BIN_PIECES variable (in INITFILT.DOC),
for further discussion
* In addition to SREFILTR.80, SREFAST.80 and COUNTER.RXX can now
be edited with the EDITSREF "command line" editor.
7/11/97: ver 1.2j.797g
* Due to instability of the named-pipe procedures, a second
"send cgi-bin output in pieces" mode was added. This mode
(cgi_bin_Pieces=2) REQUIRES the FILEREXX procedure library
(available from hobbes.nmsu.edu).
7/17/97: ver 1.2j.797h
* Added an "include only if matches a PATTERN=",
and a "add special directive PREFIX= option,
to !DIR (see DIR.DOC for details)
* The GETAFILE addon will support the PATTERN= option.
It can also check files for "all text characters", and
return the document as text/plain if the file IS al characters.
* Two special values of !SENDAS were added: SENDAS_TYPE_CHECK
and SENDAS_TEXT_CHECK
7/20/97: ver 1.2j.797i
* Added a "suppress remote configuration option" (see the
NO_REMOTE_CONFIG parameter in SREFILTR.80).
* A few minor modifications to the configurator forms.
* Small improvements to the DOGET.CMD utility: username/password
can now be added (it will be encoded for you),
as can other request headers.
7/23/97: ver 1.2j.797j
* You can now add a username and password to remote virtual directories.
It will be sent to the remote server in a request header (after
being pack64 encoded).
8/01/97: ver 1.2j.897a
* Fixed a problem when long filenames were processed for SSI's
(a GOSERVE auditing problem ).
8/29/97: ver 1.2j.897b
* Changed naming of CGI-Bin temporary files to avoid possible
(albeit rare) naming conflict.
* Occasional cleanup of "orphaned" CGI-BIN temporary files
will now be done (this feature can be suppressed by modifying
SREFMON.CMD))
9/08/97: ver 1.2j.997a
* Modified SREFMON.CMD, and the configurators, to appropriately
deal with ' characters in initfilt.80.
9/18/97: ver 1.2j.997b
* Added a "run custom initialization procedures" feature (allows
you to specify REXX programs to run when Goserve/Sre-filter starts).
* A new addon, PRELOAD, is now available. Designed to be used
as a custom initialization procedure, PRELOAD will
hit your server with a specified set of requests -- useful for
immediately loading ("preloading" before a real request arrives)
information into the the various goserve/sre-filter caches.
9/20/97: ver 1.2j.997c
* Modified the SIZEFMT=ABBREV NSCA-style SSI directive. It will now
produce nnn.nnM style abbreviations (rather then nnnM
abbreviations). If you want the nnnM style, use MABBREV
instead of ABBREV.
* A shorthand for the <!-- INTERPRET FILE xxx.xx --> SSI keyphrase
is now supported. By default, this is <!-- $ xxx.xx -->. If
desired, $ can be changed to some other character string
(see the QUICK_INTERP parameter in SREFILTR.80).
* A shorthand for the <!-- INTERPRET code abc ; def --> SSI keyphrase
is now supported. By default, this is <!-- # abc ;def -->. If
desired, # can be changed to some other character string
(see the QUICK_INTERP_CODE parameter in SREFILTR.80).
* A set of global parameters is now available for INTERPRET
keyphrases in a document. These can be referenced by
using GLOBALS.varname "stem variables". Note that these
parameters are "global" only to a particular request; and
that other parameters are "local" to a given "<!-- INTERPRET ...
keyphrase.
--- End of document.