home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Cream of the Crop 25
/
Cream of the Crop 25.iso
/
os2
/
srefv12i.zip
/
changes.doc
< prev
next >
Wrap
Text File
|
1997-04-24
|
35KB
|
743 lines
5 Mar 1997.
This document contains a history of changes to SRE-FILTER, starting
from version 1.2d. Older changes (from version 1.11 to 1.2d)
are in CHANGES0.DOC (CHANGES0.DOC can be found at
http://rpbcam.econ.ag.gov/srefilter/changes0.doc)
Please note that as of this writing the SRE-Filter is at version 1.2i
(sub version .305). Currently ,there is no fix-pack needed for version 1.2i.
However, there will almost certainly be changes (and bug fixes) in the near
future. When they become available, they will be distributed in
FIXES12I.ZIP -- keep an occasional eye on the SRE-Filter home page
(http://rpbcam.econ.ag.gov/srefilter).
You may also want to examine the documentation files:
A "frequently asked questions" file: SREFILTR.FAQ,
An outline of how SRE-Filter works: OUTLINE.HTM
The SRE-Filter manual: SREFILTR.HTM
A detailed description of initialization parameters: INITFILT.DOC
------------------------------------
Changes from ver 1.2d to 1.2e:
HTACCESS support added:
Addition of support for directory-specific access controls (and
redirection) using HTACCESS files (using code adapated from the
GOHTTP filter, courtesy of D. Meyer).
For further details, see the description of the HTACCESS_FILE and
DO_HTACCESS variables in INITIFLT.DOC
One fringe benefit of HTACCESS support is that the SHOWDIR dynamic
directory list processor can now be used with SRE-Filter -- see
SHOWDIR.DOC for details.
NOTIFY method of redirection added:
Addition of a !NOTIFY method of redirection (client is informed of the
move, but is not actually redirected).
Best matching is used (instead of first matches):
When searching access controls, virtual directories, aliases, and the
various other .IN, .CNT, and .CTL files: SRE-filter will now use a "best
match" criteria, rather then a first match criteria, when choosing
between wildcard matches (exact matches still have priority).
User defined MIME types:
You can now define your own MIME media types using the MEDIATYP.RXX file.
Furthermore, you can define your own "SHTML" (server side include
permitted HTML files) extensions by modifying the SSI_EXTENSIONS variable.
--------------------------------------
Changes from 1.2e to 1.2f (up to 24 Sept 1996)
Configurator improvements:
A number of changes were made to the "Initialization Parameters" portion
of the configurator (in addition to earlier changes to the "parameter
files section). The most important change is that you can now use the
configurator to modify "host specific" parameters en masse.
Almost all initialization parameters can be host specific.
The naming convention has been standardized (NAME.HOST_NICKNAME or
NAME.n.HOST_NICKNAME). Note that the OWNERS, PUBLIC_URLS, INHOUSEIPS, and
UNALLOWEDIPS parameters must be host-specific (non host-specific values
will NOT be used as defaults for these four parameters).
The configurator can now be used to view and modify HTACCESS files.
Enhancements to file upload capabilities:
The GET_URL and PUT_FILE "file upload" methods are no longer limited to
the UPLOAD_DIR directory. The client can now specify a directory (using
a URL-like syntax, i.e.; DIR1/foo.bar) of the UPLOAD_DIR. Furthermore,
the "subdirectory" portion can map to a virtual directory -- for example,
DIR1/ may map to D:\NOTWWW\OURDIR\.
As a security feature, uploads to "virtual directory" require
that this virtual directory (i.e.; DIR1/) have a PUT permission assigned
to it (using the ACCESS_FILE).
Addition of a simple load balancing feature:
You can implement a simple form of load balancing by changing
a few parameters in the SREFILTR.80 file. See the discussion of the
LOADTHRESHOLD variable in INITFILT.DOC for details.
Improvments to the FIX_EXPIRE parameter:
The FIX_EXPIRE parameter (for suppressing "immediate expiration")
now applies to GETAFILE, DOSEARCH, and CGI-BIN requests (as well as
documents cnotaining server side includes).
Changes to the post-filter capability:
You can now call a series of Post-filters (instead of just one).
The Post-filters are now passed the name of the fully qualified file
used in the request (either a document name, or the name of the CGI
script or external REXX procedure used in a server side processing
request).
The "used file" is now passed to the client. This may be the
name of the file transfered (such as an HTML or GIF file),
the name of the CGI-BIN script executed, or the name of the
external REXX procedure executed).
POSTRCRD.80, A simple "client information recorder" post-filter,
is not packaged with SRE-Filter. POSTFILT.80 is now just a simple
example, with POSTMAIL.80 now containing the "e-mail alert" procedure.
Changes to public_urls:
When determining which of several wildcard matches to PUBLIC_URLS should
be used, a "best match" is used rather then a "first match".
On multiple-host servers, only PUBLIC_URLS specifically listed for a
(defined) host are used (that is, the non host-specific PUBLC_URLS are
NOT used as defaults).
There is now a more forgiving method of responding to "literal"
PUBLIC_URLS that point to aliases. Before, requests that matched
these "improper" literal public_urls resulted in "no such document"
responses. Now, SRE-Filter will ignore the "literal", and treat
the request like a normal PUBLIC_URL (that is, alias matching
will be attempted).
Logon bug fix:
Repaired a bug that, under unusual circumstances, allowed a client
to logon by using a blank username and password.
-------------------------------------------------------
Changes from ver 1.2f to ver 1.2g.
!DIRECTORY option added to AUTO_NAME.
!DIRECTORY and !DIRECTORY* are now synonyms for !CREATE and !CREATE*.
Fixed uninformative "not found document" message:
When using the !CREATE "auto name" option, if the requested directory did not
exist, a too-simple "Unavailable" message was returned. Now, the standard
"document not found" message will be returned.
Not found response can now point to a file:
You can now return a customized document (rather then a simple text string)
whenever a request for a non-existent resource occurs. See the
the discussion of the NOT_FOUND_RESPONSE variable (in INITFILT.DOC)
for details.
Timefmt NSCA HTTPD directive brought up to spec:
The timefmt NCSA HTTPD "server side include" directive is now fully
supported by SRE-Filter -- all dates in the NCSA HTTPD style server
side includes will now follow the rules set in timefmt directives
(with a default of '%c'). For details on the timefmt directive,
see TIMEFMT.DOC. Note that the "native" SRE-Filter time and date
server side includes are not effected by timefmt (basically,
a %c equivalent is used; i.e.; 13:01:33 27 August 1988).
DNS_CHECK bug repaired
DNS_CHECK failed to work. It has now been fixed.
Restructuring of code:
A minor restructuring of code to shrink the size of the filter (but
expand macrospace) should help speed things up (a bit) under load.
Best match improvement:
Best match will now consider the "length of the string after the *"
when comparing "best matches" that are otherwise equivalent (see
INITFILT.DOC for details).
Message box facility improved:
The simple message box facility (MESSAGE, ASKMESSBOX, and VIEWMESS)
has been upgraded. Of greater interest, a new "multi-
threaded forum" facility has been added. This uses REXX procedures
and server side including HTML documents, in conjunction with
SRE-Filter message boxes, to implement a basic multi-threaded
forum using a "news reader" type interface. See FORUM.DOC for details.
Note that MESSBOX specific privileges (possibly wildcarded)
are now required to access message boxes (either through the
MESSAGE or FORUM).
A "list server" like facility added:
Complementing the improved message boxes and the FORUM facility,
READMAIL and MAILLIST, two "list server" like facilities, have been
added. READMAIL (and MAILLIST) will read e-mail messages stored in an
inbox (say, as written by SENDMAIL), and place the contents of these
messages into a SRE-Filter messagebox OR rebroadcast the
message to a list of users. See READMAIL.DOC for details.
Fixed an occasional bug in the INTERPRET and SELECT keyphrases:
A problem when setting INTERPRET.RESULTS or SELECT.RESULT has
been fixed. In addition, you can now return results to
the SELECT keyphrase by including RETURN 1 or RETURN 0 in your
"REXX code block" (rather then setting the value of SELECT.RESULT).
Similarly, use of QUEUE statements, in addition to setting the
value of INTERPRET.RESULTS, is supported for the INTERPRET keyphrase.
An example of how to set up a simple, 3-tiered site:
See INITFILT.DOC for a description of how to efficiently setup a
3-tiered site: with directories et al that provide unmonitored public
access, monitored public access, and controlled access.
Fixed a bug with the HOSTS. variables:
Requests directly to a numeric IP address, rather then a name,
were mishandled when a HOST: request header was present. This has
been fixed.
Add COUNTS_FILE and HITS_FILE server side include options:
COUNTS_FILE and HITS_FILE are equivalent to the COUNTS and HITS
options of the REPLACE ssi keyphrase. The difference is that
the fully qualified file name is used, rather then the request string
(the URL).
RECORD_OPTION can now "record by file":
You can tell SRE-Filter to record all requests by file name,
rather then by URL (this is the RECORD_ALL_FILE equivalent to
COUNTS_FILE and HITS_FILE) -- see the description of RECORD_OPTION
in INITFILT.DOC for details
A bug when "aliasing" CGI-BIN scripts has been fixed:
The use of aliases to redirect CGI-BIN requests to scripts, in
directories other then CGI_BIN_DIR, malfunctioned when the
request was of the form CGI-BIN/ASCRIPT?wow (where ASCRIPT
was an alias to some directory).
A syntax for indicating the directory of a CGI-BIN script:
When the CGI-BIN/ sub-string apears after some subdirectory information
(for example DADSTUFF/SCRIPTS1/CGI-BIN/ascript?anargumemt),
SRE-Filter will use that "pre CGI-BIN/" information as a pointer to
the directory containing the script.
Note that this may be under the CGI_BIN_DIR, or may be a virtual
directory (i.e.; D:\GOSERVE\CGI-BIN\DADSTUFF\SCRIPTS1\)
NO_SSP permissions were not applied to CGI-BIN scripts:
CGI-BIN requests took place, even if a NO_SSP permission applied.
This has been fixed (this is now an important feature, given
the "non-spec" virtual directory method mentioned above).
Adding the "username" to the privilege list:
SRE-Filter will now add the users "logon name" to her
privilege list (this can be suppressed). This can be useful,
when combined with URL-specific access controls, as a means
of providing individualized access.
PUBLIC_PRIVS added to privilege list of PUBLIC_URLS:
The RECORD_ALL_FILE can now be cached:
To cut down on the number of disk writes, the RECORD_ALL_FILE
is now cached. To modify, or turn this caching on, set the
RECORD_CACHE_LINES variable in SREFILTR.80
A "just read" documents list can now be used to suppress hit augmenting:
To cut down on false hits (i.e.; from people "backing up" to a
document), SRE-Filter can maintain a "suppress recent hits list".
To turn this feature on, see the HIT_CACHE_LEN variable in
INITFILT.DOC.
Minor modification to range retrieval:
Range retrieval now understands the If-modified: and Umless-modified:
request headers. Note that the If-Invalid: and If-valid: headers
are ignored.
Changes to the USETABL2.RXX "interpretable" file:
The list of "table capable" and "table incapable" browsers has been greatly
expanded. Also, a bug that could crash GoServe has been fixed
(if the user-agent was unknown, an EXIT command resulted, which crashed GoServe).
Changes to PUBLIC_URL processing:
* If a literal public_url was specified using an "exact name" that
contained a * wildcard, the appropriate file match was not performed,
and a "not found" message was returned. This has been fixed.
* The PUBLIC_PRIVS are now used as the privilege list for
request for PUBLIC_URLS. Note that this can be useful when
using a PUBLIC_URL to invoke the FORUM or MESSAGE facilities
(i.e.; include a MESSBOX:PUBFORUM in your PUBLIC_PRIVS list).
* PUBLIC_URLS may have a NORECORD attribute (in addition to
the LITERAL and LITERAL_NORECORD attribute). T
* The "exact names" in literal PUBLIC_URLS with "exact names" can
now contain a * wildcard character (SRE-Filter will make the
appropriate substituttion.
---------------------------------------------
Fixes to ver 1.2g.
FIXES.ZIP contains the latest changes. Note that the latest version
of SREFV12.ZIP will also contain these changes -- you should obtain
FIXES.ZIP only if you have an earlier version of SRE-Filter ver 1.2g.
To use FIXES.ZIP:
1) Stop GoServe
2) UNZIP FIXES.ZIP. If asked, overwrite all files.
3) Run FREEUP.CMD from an OS/2 prompt. This will flush all
SRE-Filter routines from macrospace (if you are using other programs
that use macrospace, you may need to restart them).
4) Restart GoServe.
No other changes are required.
10/28/96
* Post-filter routines now are given the value of the "referer" request
header. See POSTRCRD.80 for an example of how this is used.
10/30/96
* The "PASSWORD" field in SRE-Filter message boxes was inadvertently
set when no explicit password was given. FORUM would then accept
a blank password as a legitimate match. This has been fixed.
10/31/96
* A HIT_SUPPRESS_OWNERS variable, when set to 1, will instruct
SRE-Filter NOT to record requests from OWNERS.
For details, see the description of the HIT_SUPPRESS_OWNERS
variable in INITFILT.DOC.
* You can now "chain" pre-filters. For details, see the descripiton of
PREFILTER_NAME in INITFILT.DOC.
11/01/96
* The GETAFILE facility was been upgraded:
A suppress TABLE border option has been added
The SHOWDATE=YES option of GETAFILE now shows dates using
15 Nov 1995 format (if you want to display dates using a
11/15/95 format, use SHOWDATE=YES_SHORT).
See SREFILTR.HTM for details.
11/03/96
* The INTERPRET FILE keyphrase can now include arguments, which
will be available to the "interpreted" REXX file. See
SREFILTR.HTM for details.
* The "resource privileges" list can now contain two types
of privileges -- ANY_ONE and MUST_HAVE; where ANY_ONE are
"or" conditions, and MUST_HAVE are "and" conditions.
See SREFILTR.HTM for details.
* A dynamic (and short lived) privilege can be assigned to
clients (using their IP address). This can be used to restrict
access to files to those going through "proper" procedures.
Furthermore, creation of these dynamic privileges is easily
accomplished by invoking the ADDPRIV.RXX add-on in an INTERPRET FILE
keyphrase. See ADDPRIV.DOC for details.
* A LOGON_LIMIT number of "logons" can be enforced per client per minute.
* If LOGON_FAIL_FILE is set, a custom written "logon-failure" response
file can be sent instead of a plain "401 Unauthorized" response.
See the discussion of the LOGON_FAIL_FILE variable in INITFILT.DOC
for details.
11/07/96
* If the client does not have "URL-specific" access, an ACCESS_FAIL_FILE
can be sent.
* A "access failure file" field has been added to the ACCESS_FILE.
If present, it overrides the value of ACCESS_FAIL_FILE.
See the discussion of the ACCESS_FAIL_FILE variable in INITFILT.DOC
for details.
* The SRE-Filter configurator has been modified to recognize thie
"access failure file" field in the ACCESS_FILE.
11/08/96
* The OWNERS variable was not being recognized.
The HIT_OWNER_SUPPRESS variable was not being acted on.
Both of these bugs have been fixed. Note that in all likelihood,
these bugs were introduced around Nov. 3.
11/10/96
* A NO_INTERPRET_CODE parameter can now be set; it instructs SRE-Filter
to suppress SELECT and INTERPRET CODE server-side-include keyphrases.
In addition, an equivalent "NO_CODE" permission can be set on a
"URL-specific" basis. Note that this is a subset of NO_PROCESSING
and the NO_SSP permission -- it provides some protection against
ill-mannered users, without quashing all server-side includes and
processing.
* The ACCESS_FAIL_FILE and LOGON_FAIL_FILE are now set in INITFILT.80
(rather then in SREFILTER.80).
11/12/96
* You can tell SRE-Filter to save "request specific" information
to a temporary file. This information can be used by external
procedures, AND by post-filter actions. See the description of
the SAVE_STATE variable (in INITFILT.DOC) for details.
* To support the above, SRE-Filter now passes the "thread-id"
of the request to the post-filter processor.
11/14/96
* A "web page counter", COUNTER.RXX, is now included. COUNTER.RXX has
a number of options, including the ability to save information on
each request. See COUNTER.DOC for details.
* The SENDFILE facility can use COUNTER.RXX (rather then the simpler
default). See SREFILTR.HTM for details.
11/16/96
* When using the LOGON_FAIL_FILE, Netscape would not display the response
(due to faulty response code). This has been fixed.
* The error message when attempting to SENDFILE a non-existent file
was uninformative. This has been fixed. SENDFILE will also
note (if COUNTER= is used) failed attempts.
11/17/96
* Modified the various *CFG.CMD files (the configurator procedures)
to permit remote access by clients with SUPERUSER privileges.
* The "own name" privilege was being added to the client privilege
list, even when ADD_USER_NAME='NO'. This has been fixed.
11/19/96
* Minor modifications to FILTINST.CMD.
* Created SREF_WRITE_STATE -- the complement to SREF_READ_STATE
(used for writing to the "thread specific" cache)
* If SAVE_STATE=1, the SENDFILE facility will write the bytes sent
and the bytes in the file to a SENDFILE_STATUS variable in
the "thread specific" cache
* CGI-BIN calls are given two additional (SRE-Filter specific) variables:
CALLER_THREAD (useful if you want to use SREF_WRITE_STATE) and
SCRIPT_DIR (the directory the of CGI-BIN script being executed).
In addition, TEST-CGI.CMD has been modified to display these
"environment variables".
11/21/96
* The OWNER_SUPPRESS feature of COUNTER.RXX did not work, when called
as a procedure. This has been fixed.
* The "#config sizefmt=xxx" server side include directive
was not spec. This has been fixed: fractions are not used
when sizefmt=abbrev, and commas are inserted when sizefmt=bytes.
* COUNTER.RXX can now generate simple "odomoeter" style graphical
counters, when called as an in-line image (it uses Don Meyer's
XCOUNT.CMD code).
11/23/96
* On GET method requests that invoke an external procedure to
perform "server side processing": the LIST variable (consisting
of items following a ? in the request string) is url-decoded
url-decoded -- the documentation (SREFILTR.HTM) had claimed that
it was not!
Note that in some cases it's best to use the URI argument, which
will contain the original request string.
11/27/96
* The RESPONSE_FILE option of the MESSAGE facility did not work.
This has been fixed.
* A simple means of "limiting" the scope of virtual directories
has been added. See the "sample" VIRTUAL.IN file for details.
* A few options have been added to GETAFILE, including a "standard"
mode (where you specify just the subdirectory) that yields
a standard tabular display of icon, name, date and size.
See GETAFILE.HTM for details.
12/01/96
* The installation procedure has been moderately reworked. It now
gives you the opportunity to set a few of the more commonly
used parameters.
* A bug that rendered GETAFILE useless, introduced sometime between
11/27 and 12/01, was repaired.
* The various .CMD files now give coherent error messages if accidentally
run from the command line (rather then called as external procedures
by SRE-Filter).
12/09/96
* The AUTO_HEADER would occasionally add a second : to http-equiv
generated response headers. This has been fixed.
----------------
On 12/31/96, a new version of SRE-Filter was released (SREFV12H.ZIP).
This incorporates all the above changes, plus the following. Note
that since this is a new version, there is no FIXES file for it
(yet!)
Changes from 1.2g to 1.2h
* User specific "web" subdirectories of the HOME_DIR can now be
specified by including a $ in the HOME_DIR parameter.
* The HOME_DIR replacment for ~ could not be used with AUTO_NAME
construction. This has been fixed (HOME_DIR replacement now
occurs before AUTO_NAME construction).
* The FORUM, READMAIL and MAILLIST facilities are no longer
packaged with SRE-Filter. Instead, they are available as
add ons.
* A web based BBS add-on is now available for SRE-Filter.
* The MAILLIST add-on can now be instructed to forward unused mail
(mail NOT to one of the listed "forums") to an alternative
mail box directory. Furthermore, a special .UML file can be created
for use by UltiMail.
* !DIR, a new "directory lister" has been added to SRE-Filter.
The !DIR facility largely replaces the GETAFILE external
procedure; it is used when a !CREATE option appears in the
AUTO_NAME variable.
To control the format and content of the directory listings
created by !DIR, two new variables have been added to
INITFILT.80: DIR_OPTIONS and DIR_EXCLUSION
Furthermore, !DIR will cache it's output, and use the cache
when appropriate. This can substantially improve performance,
especially when you are using "automatic descriptions".
For more details on the !DIR facility, pless see DIR.DOC.
* GETAFILE is now available as an add-on.
GETAFILE has a few new features, including:
* the ability to use "one line per file" description
files (these are more standard then the "block delimited"
files used by earlier versions of GETAFILE).
* the ability to automatically generate a description for
HTML, Text, and .ZIP files
* the ability to "expand" .ZIP files, and to extract files from
.ZIP files
Note: the !DIR built-in facility also has the first two of these
features (but NOT the .ZIP file expansion capability)
* Several new special "directives" have been added:
!SENDAS_MIMETYPE_SUBTYPE -- forces server to use a particular
mime-type/subtype
!DELSEND -- Sends, and then deletes, files from the
TEMPFILE_DIR directory.
!FORCE -- Used in LOGON_FAIL_FILE s to "force" a logon.
It also can be used to "suppress the SSI-CACHE",
* The SRE-Filter configurator has been substantially re-done.
There is now a "simple" mode configurator, as well as the
older "intermediate" mode configurator. As part of this process,
the FILTINST.* files have been renamed. If you use the
defaults to install SRE-Filter (ver 1.2h), you can invoke
the configurator by pointing your browser at
http://your.server/CONFIGURE
* The CACHED_FILES parameter has been dropped.
* A seperate "thread" has been added to handle the "SSI-Cache".
The SSI-Cache is used to cahce html documents which contain server
side includes.
SSICACHE.HTM contains a description of how "SSI-caching" works,
and how you can configure it.
* If the HEADER.1 parameter begins with a <BODY>, it will replace the
first <BODY> element (rather the follow it).
* Self-recursive (hence infinite) server-side includes are now trapped.
* Several new documentation files have been added, including GUIDE.HTM --
a guide to the features of SRE-Filter (it complements SUMMARY.HTM).
1/14/97 -- Version 1.2g.113
* Several small bugs in the SSI-caching algorithim were fixed (?OPTIONS
#FLASTMOD, and #FSIZE were not being replaced)
* The CONFIG2.CMD "intermediate configurator" returned a "Sorry"
message if the client did not have SUPERUSER privileges. It will now
challenge the client for username/password.
* STATUS.CMD will now report on the number of !DIR and SSI-Cache
files. It can also be instructed to "clear the !DIR cache".
STATUS.HTM has also been upgraded -- it now has
several other "configuration and status" options
* A "install code only" option has been added to the INSTALL program
(this should be useful to upgraders).
1/18/97 -- Version 1.2g.118
* Modified the access_fail_File feature to facilitate "dynamic
privileges" (a value of 1, and -1, now have special meanings)
* A few new add-ons are available (_COMMAND and SREFANIM).
* A new special command, !AUTHORIZE, has been added. When issued,
SRE-Filter will send back an "authorization" request (this is
intended for administrator use).
* The WRITE_TO_FILE option of the MESSAGE facility did not understand
y or yes (lower case). This has been fixed.
* A REDIR option is now available for the NOEXT_TYPE parameter -- it is
similar to DIR, but will redirect the client before attempting to
resolve the directory specific name.
1/23/97. Version 1.2h.123
* A MULTI_SEND option has been added to the DIR_OPTIONS parameter.
It instructs !DIR to send "status messages" to Connection:Keep-Alive
capable browsers.
* SREF_MULTI_SEND, a new procedure to facilitate multiple part documents,
has been added to the SRE-Filter macrospace library.
* The _COMMAND add-on would crash under Merlin when input was expected.
This has been fixed.
1/25/97. Version 1.2h.1.25
* Fixed several bugs:
i) SENDFILE did not include a content-length header: netscape
would show NO status information during downloads. This
has been fixed.
ii) PUBLIC_URLS that began with a / did not match otherwise
equal request strings. Now, leading / and \ are stripped.
* The documenation was edited again (and not for the last time)
Ver 1.2h.125 of SRE-Filter is considered to be a "general release" version.
Changes after this can be achieved by obtaining the FIXES12H.ZIP file on
the SRE-Filter home page. Note that if you are downloading SREFV12H.ZIP
(or it's components), you do NOT need to obtain FIXES12H.ZIP.
2/09/97. Version 1.2h.209
* Fixed several bugs:
i) The !DIR facility did not properly deal with files that had
no extension.
ii) The AUTO_DESCRIBE=0 and DESCRIBE=0 "request string" options of
the !DIR facility did not work.
iii) The DIRINFO.RXX "interpretable" file returned incorrect results.
iv) The #CONFIG NCSA SSI directive was being improperly cached.
* Fixed a bug caused by an incompatability between the Toronto Virtual
File System and REXX. This bug caused incorrect output from the
!DIR facility (and add-ons that used the SYSFILETREE procedure). Work
arounds for this have been put into place.
----------------
On 5 March 1997, a new version of SRE-Filter was released (SREFV12I.ZIP).
This was soon followed by releases on 3/07 and 3/10. As of this
writing, the 10 March release (version 1.2.i.310) is the "general
availability" release.
Note there is no FIXES file, yet... though you could think of the .310
version as fixes for the two earlier versions!
Changes from 1.2h to 1.2i (other then various bug fixes, mostly dealing
with proper detection of post-filter suppression)
* STATUS.HTM has been upgraded (it now contains a number of configuration
links).
* New options added to the ACCESS_FAIL_FILE parameter
* A REDIR option is now available for the NOEXT_TYPE parameter --
it cause a redirection back to xxx/yyy/.
* A MULTI_SEND option has been added to the DIR_OPTIONS parameter.
It instructs !DIR to send "status messages" to Connection:Keep-Alive
capable browsers.
* SREF_MULTI_SEND, a new procedure to facilitate multiple part documents,
has been added to the SRE-Filter macrospace library.
* A "change the configurator background colors" facility is now built into
the configurator
* A special environment variable, SREF_PRIVSET, has been added to the CGI-BIN
enviornment variables. Similarly, PRIVSET is now added to the SAVE_STATE
"thread specific cache"
* SRE-Filter will now record requests in a common-log audit file (as
well as record browsers and referers in seperate log files).
* Several new add-ons are now available (including an updated search
engine facility).
* The documentation was put through a heavy edit. Besides a lot of
new and revised verbiage, be aware that some of the terminology
has changed. In particular:
the term "URL-specific" has been changed to "SEL-specific", and
"requested URL" has been changed to "request selector"
(it still leaves something to be desired, but it's more technically
accurate)
* The SREFQUIK variant was improved: a few bugs fixed, a new option to
control "post-filtering", and much better documentation (SREFQUIK.DOC).
* You can now "suppress hits" from supersers, as well as owners
(see the description of HIT_SUPERUSER_SUPPRESS in INITFILT.DOC).
* A new set of "advanced options" can be enabled on a "SEL-specific"
basis. These include pre-file-transfer execution of an external
REXX procedure, customization of the response headers, and
selective suppression of server side includes (see ADV_OPTS.DOC for
details).
* A few of the less frequently used SRE-Filter facilities (such as PUT
request processing) were not properly interpreting the "homename" variable.
This has been fixed.
* The #INCLUDE and INCLUDE ssi-keyphrases are now slightly different ---
INCLUDE will check for "recursive includes", #INCLUDE will not. Since
a very simple recursive-file checking algorithim is used, INCLUDE will
only let you include a file ONCE -- if you want to include a file
twice (say, a button bar list at the top and bottom of your document), use
#INCLUDE.
3/18/97
* The "username" feature of the "nologs" option for suppressing
common-log audit file entries was not working (it has been fixed).
* The !DIR directive now understands the * wildcard character.
3/21/97
* The intermediate configurator "over-refreshed" (when a back button
was pushed). This has been fixed.
3/22/97
* A new option, NOREFERERS, has been added to the SREFLOGS.INI file
* An advanced Status facility (NUSTATUS) is now available.
3/25/97 --- Version 1.2i.325 released.
* Several bugs relating to the use of INHOUSEIPS. were fixed. In addition, you
can now use * in IP names with INHOUSEIPS. parameters.
* CERN imagemaps are now supported (as well as NCSA imagemaps). See
the NCSA_ISMAP and CERN_ISMAP parameters (in INITFILT.DOC) for details.
4/01/97 --- Version 1.2i.401 released
* Documents containing SELECT ssi-keyphrases will now be cached.
* FREEUP procedure has been simplified and fixed.
4/02/97
* COUNTER.RXX failed when used as an "INTERPRET FILE" keyphrase. This has been
fixed.
4/03/97
* SRE-Filter would crash when a very long request string was recieved,
common-log audting was on, and VERBOSE>0. This has been fixed.
4/06/97 -- Version 1.2i.497a release (note change in version numbering scheme)
* Minor improvements to the RECORD_ALL_FILE caching algorithim.
* Added a "save total bytes and bytes sent" option to COUNTER.RXX. Also
a minor edit of COUNTER.DOC.
* Minor changes to SREFMON.CMD (corrected some low probability bugs).
* Minor changes to GETAFILE add-on.
* Due to minor format misspecification, common-log files were not being read by
several log-audit tools (such as GETSTATS and ANALOG). This has been fixed.
4/15/97
* Minor changes to COUNTER.RXX: fixed some small bugs. More importantly,
add a DURATION option (for reporting number of hits in last "duration" days).
* When a !SENDAS_x_y requeset string (without anything after the "y") was recieved,
SRE-Filter would CRASH. This has been fixed.
4/17/97: Version 1.2i.497b release
* When host specific parameters were commented out, they were not being removed from
the SRE-Filter environment. This has been fixed.
* You can now redirect a DEFAULT, by entering the full URL (this is mostly useful
if you have multiple hosts).
4/22/97
* The intermediate configurator failed to save the DO_HTACCESS variable. This has
been fixed.
* A "shut down and restart GoServe/SRE-Filter remotely" add-on is now available.
--- End of document.