[dancer-users] Dancer 1 v1.1334 on its way to CPAN
yanick at babyl.dyndns.org
Sun Jun 2 17:57:32 BST 2013
As a way to celebrate YAPC::NA, here is a fresh new release of Dancer 1.
:-) It's a fairly small release, but it takes care of a security issue
with cookie names (it was possible to inject \r\n in the names, and thus
do evil things with the response headers), and has a patch that make
possible to have non-'/'-based apps behind proxies.
[ ENHANCEMENTS ]
* GH #919: 'dancer' script exits with code 255 if application
name is invalid. (ppisar)
* GH #871: now recognize HTTP_X_FORWARDED_PROTO. (mlbarrow)
* GH #926: make messages from fatal warnings show up in the logs.
* GH #930: speed improvement. (ichesnokov)
* GH #859: strip illegal characters from cookie name. (Colin Keith)
* GH #924: non-'/' apps behind proxies now possible using
'request-base' header. (Mikolaj Kucharski)
[ BUG FIXES ]
* GH #724: app.pl obeys --confdir. (Yanick Champoux)
* GH #927: logging format using 'h' now play nicely if no header
[ DOCUMENTATION ]
* GH #922: Add example of request parameters. (Gabor Szabo)
* Add scheme line for ngnix config in D::Deployment.
Enjoy (and, as usual, a big thank to all bug reporters and patchers, and
More information about the dancer-users