Bug 241630

Summary: [maintainer-update] www/wt update 4.1.2
Product: Ports & Packages Reporter: Mohammad S. Babaei <info>
Component: Individual Port(s)Assignee: Dmitri Goutnik <dmgk>
Status: Closed FIXED    
Severity: Affects Only Me CC: dmgk
Priority: --- Keywords: buildisok
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
www/wt3 v4.1.1 to v4.1.2 patch file none

Description Mohammad S. Babaei 2019-10-31 22:51:05 UTC 
Created attachment 208750 [details]
www/wt3 v4.1.1 to v4.1.2 patch file

Release 4.1.2 (October 30, 2019)

This release fixes the following issues:

    wthttp security issues:
        Wt internally used an SSL-Client-Certificates header to send client certificates to child processes when using dedicated process mode. It was however always accepted even when Wt was not behind a reverse proxy, and sent to child processes as-is. wthttp now correctly disregards it when not received from a reverse proxy. The header was also renamed to X-Wt-Ssl-Client-Certificates to clarify that it is a non-standard internal Wt header.
        When using dedicated session processes with wthttp, the parent process would trust X-Forwarded-Proto and X-Forwarded-Port even when Wt was not configured to be behind a reverse proxy. These are now discarded.

    Fixed an issue raised on the forum causing WTreeView to not properly react to certain size changes.

    Fixed issue #7291: wtfcgi would not properly match default entry point

    Fixed a few issues found by clang-analyzer:
        Fixed an issue in WAnchor that would cause image() to return nullptr if it was provided in the constructor.
        Fixed WCssDecorationStyle self-assignment

    Made tests succeed even if Wt is built with ENABLE_UNWIND=ON.
    issue #7292: OAuthService now correctly uses refresh_token instead of refreshToken

    Http::Client fixes:
        fixed issue #7272: support @ character in the path of a URL
        fixed 204 No Content response code behavior (would hang before, waiting for content) (issue #7273)

    More informative error and exception messages:
        QueryModel's "geometry inconsistent with database" exception now contains row and cache start and size information
        WebSession's "not serving this" info message contains more context so it's less confusing

    Documentation fixes:
        The release notes for Wt 3.3.8 incorrectly referred to allowed-hosts, while this property is actually named allowed-origins
        Updated WLocale::setTimeZone() documentation
Comment 1 Automation User 2019-11-01 00:55:48 UTC 
Build info is available at https://gitlab.com/swills/freebsd-ports/pipelines/92956343
Comment 2 commit-hook freebsd_committer freebsd_triage 2019-11-01 19:03:32 UTC 
A commit references this bug:

Author: dmgk
Date: Fri Nov  1 19:03:25 UTC 2019
New revision: 516262
URL: https://svnweb.freebsd.org/changeset/ports/516262

Log:
  www/wt: Update to 4.1.2

  Changes:	https://webtoolkit.eu/wt/doc/reference/html/Releasenotes.html

  PR:		241630
  Submitted by:	Mohammad S. Babaei <info@babaei.net> (maintainer)
  Approved by:	tz (mentor, implicit)

Changes:
  head/www/wt/Makefile
  head/www/wt/distinfo
  head/www/wt/pkg-plist
Comment 3 Dmitri Goutnik freebsd_committer freebsd_triage 2019-11-01 19:04:30 UTC 
Committed, thanks!