GitLab

Detail:
  The NT based CTS plugin fails to put Content-Type headers in
    posted form submissions.  The Microsoft server seems happy
    with this illegal form, but AcornHTTP isn't - and it decides
    that the post attempt is bogus and rejects it.  Instead of
    that, it now adds the application/x-www-form-urlencoded
    as the default content type.
Admin:
  Tested by proxying the NT plugin via WebServe and verified that
    the content-type is being added.

Version 0.86. Tagged as 'HTTP-0_86'

Detail:
  Added knowledge of OPTIONS and TRACE to the option decoder.
  Now knows about new SWI names of AcornSSL module.
Admin:
  Tested briefly.
  Requires AcornSSL-0_08 header export to have occurred.

Version 0.85. Tagged as 'HTTP-0_85'

Detail:
  Can't use __ctype with TinyStubs.
Admin:
  Built from clean; verified RAM build works.

Version 0.84. Tagged as 'HTTP-0_84'

  Updated version number control to srccommit.
  AcornSSL version mismatch detection code added for safety.
  No longer enables event generation for HTTP sockets.
Detail:
  * Cookie parser was getting confused by a trailing ; character on
  the end of set-cookie headers being sent to it by the Electronics
  Weekly web server.  This meant that it was rejecting the key
  cookie being used to control access to the site thus preventing
  people from accessing the site.
  * AcornHTTP now checks that the AcornSSL module is implementing a
  known SWI interface (the AcornSSL SWI interface changed in 0.03)
  * No longer uses ioctl(..FIOASYNC..) to enable event generation as
  the events aren't required and it wastes system resource to have
  them going off.
  * Makefile contains rules for generating .i files suitable for
  feeding to the McCabe toolset.
Admin:
  Built from clean; tested on Ursula & 3.70; verified access to
  Electronics Weekly (www.electronicsweekly.co.uk) now works.

Version 0.83. Tagged as 'HTTP-0_83'

* First block of data was being thrown on the floor during
  decompression in some cases.  This is now fixed.

* Debug output now knows about cookie related SWIs and won't claim that
  they are unknown SWIs.

* Transfers which are both Chunked and compressed work correctly now.

On the fly decompression now works.  Both deflated and gzipped files
are handled and will, if the server asks us to, be decompressed on the
fly during download.  (Chunked compressed downloads are untested)

Single character cookie names weren't being accepted as valid.  They now are.  This means that my.yahoo.com will now work properly (at least as far as cookie support is concerned, anyway ;-)

Also fixed a bug that was yet to appear but that would have hit eventually
whereby you couldn't load more than 100 cookies from a previously saved
cookie file.

Security errors are thrown if one of the secure SWIs is called and the SSL
services are not available any more.

Several comments added to explain deviances from standards and why we need
them.

More fixes to portlist handling to allow parameter-less Port attributes to
work on cookies.

Obsolete - contains large fragments of HTML representing faked up error pages.  It has not been included by any source files for ages.

Implementation detail documentation updates to cover recent API changes and stuff not generally suitable for specification documents.

* Domain match rules relaxed to allow more cookies to be stored as expected.  Although this compromises the specification, several sites are known to fail without this modification and in reality, the privacy and security implications are minor.

* When cookies are loaded, they are now marked as resaveable (ie. not
to be thrown away at the end of the session).  They must have been
saveable in order to be saved in the first place.  This fixes the bug
which causes cookies to disappear after two reinitialisations.

* Duplicate header suppression code moved to later in the header generator so that it actually does override user headers as it is supposed to.

  (affects Cookie2 and Accept-Encoding headers)

* Security code includes header exported by AcornSSL to <CExport$Dir>
  instead of requiring it to be present in a specific place relative to
  the HTTP sources.

Appears to work on the one server I've found to test against - more
servers need to be found. Particularly, we need to test unusual gzip
headers and interaction with chunking.

  Internet module are now vectored through a look up table so that the
  calls for an https request are sent via the AcornSSL module.   The HTTP
  module will only register https: protocol capability with the URL
  module if the AcornSSL module is present, thus allowing transparent
  addition of SSL support without requiring an update for the HTTP
  module.

* There is no encryption code in the HTTP module at all.  It is all
  confined to the AcornSSL module.

Cookie fix - internal counter was getting out of sync with the number of cookies being held resulting in a limit of 20 cookies ever being received from any given site.

Const-ness of veneers modified on the basis of the CMHG version number to
avoid build problems.

* Standardised make process in common with other protocol modules.
* Resources put into standard structure for internationalisation
* Standard !MkClean, !MkRom, !MkRam to build different versions