X-Git-Url: http://sjero.net/git/?p=wget;a=blobdiff_plain;f=NEWS;h=cd63c617f0af443c22c07881239be87548bca8ae;hp=878bc88f476e9859971c6d575d50bb9678b9efb1;hb=186200fb6eb5f1c78ef21349fc34f05e6c48ee21;hpb=62a4ca32899b572170fc33d86a65f36145116b8d diff --git a/NEWS b/NEWS index 878bc88f..b5f4cbf4 100644 --- a/NEWS +++ b/NEWS @@ -1,10 +1,410 @@ GNU Wget NEWS -- history of user-visible changes. -Copyright (C) 1997, 1998, 2000, 2001 Free Software Foundation, Inc. +Copyright (C) 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, +2006, 2007, 2008, 2009, 2010, 2011 Free Software Foundation, Inc. See the end for copying conditions. Please send GNU Wget bug reports to . +* Changes in Wget 1.13.1 + +** Support HTTP/1.1 + +** Now by default the GNU TLS library for secure connections, instead of + OpenSSL. + +** Fix some portability issues. + +** Handle properly malformed status line in a HTTP response. + +** Ignore zero length domains in $no_proxy. + +** Set new cookies after an authorization failure. + +** Exit with failure if -k is specified and -O is not a regular file. + +** Cope better with unclosed html tags. + +** Print diagnostic messages to stderr, not stdout. + +** Do not use an additional HEAD request when --content-disposition is used, + but use directly GET. + +** Report the average transfer speed correctly when multiple URL's are specified + and -c influences the transferred data amount. + +** GNU TLS backend works again. + +** Now --timestamping and --continue works well together. + +** By default, on server redirects, use the original URL to get the + local file name. Close CVE-2010-2252. This introduces a + backward-incompatibility; any script that relies on the old + behaviour must use --trust-server-names. + +** Fix a problem when -k is used and some URLs are specified trough + CSS. + +** Convert correctly URLs that need to be encoded to local files when following + links. + +** Use persistent connections with proxies supporting them. + +** Print the total download time as part of the summary for recursive downloads. + +** Now it is possible to specify a different startup configuration file trough + the --config option. + +** Fix an infinite loop with the error ' has sprung into existence' + on a network error and -nc is used. + +** Now --adjust-extension does not modify the file extension if the file ends + in .htm. + +** Support HTTP/1.1 307 redirects keep request method. + +** Now --no-parent doesn't fetch undesired files if HTTP and HTTPS are used + by the same host on different pages. + +** Do not attempt to remove the file if it is not in the accept rules but + it is the output destination file. + +** Introduce `show_all_dns_entries' to print all IP addresses corresponding to + a DNS name when it is resolved. + +* Changes in Wget 1.12 + +** Mailing list MOVED to bug-wget@gnu.org + +** SECURITY FIX: It had been possible to trick Wget into accepting +SSL certificates that don't match the host name, through the trick of +embedding NUL characters into the certs' common name. Fixed by Joao +Ferreira . + +** Added support for CSS. This includes: + - Parsing links from CSS files, and from CSS content found in HTML + style tags and attributes. + - Supporting conversion of links found within CSS content, when + --convert-links is specified. + - Ensuring that CSS files end in the ".css" filename extension, + when --convert-links is specified. + + CSS support in Wget is thanks to Ted Mielczarek + . + +** Added support for Internationalized Resource Identifiers (IRIs, RFC +3987). When support is enabled (requires libidn and libiconv), links +with non-ASCII bytes are translated from their source encoding to UTF-8 +before percent-encoding. IRI support was added by Saint Xavier +, as his project for the Google Summer of Code. + +** Wget now provides more sensible exit status codes when downloads +don't proceed as expected (see the manual). + +** --default-page option (and associated wgetrc command) added to +support alternative default names for index.html. + +** --ask-password option (and associated wgetrc command) added to +support password prompts at the console. + +** The --input-file option now also handles retrieving links from +an external file. + +** The output generated by the --version option now includes +information on how it was built, and the set of configure-time options +that were selected. + +** --html-extension has been renamed to --adjust-extension, to reflect +the fact that it now also applies to CSS content. --html-extension is +still acceptable, but is now deprecated. + +** An "ascii" specifier is now accepted by --restrict-file-names, which +forces the percent-encoding of all non-ASCII bytes + +** Several previously existing, but undocumented .wgetrc options are +now documented: save_headers, spider, and user_agent, +auth_no_challenge, and keep_session_cookies. Also added documentation +for the "lowercase" and "uppercase" values for --restrict-file-names, which had been present since Wget 1.11. + +* Changes in Wget 1.11.4 + +** Fixed an issue (apparently a regression) where -O would refuse to +download when -nc was given, even though the file didn't exist. + +** Fixed a situation where Wget could abort with --continue if the +remote server gives a content-length of zero when the file exists +locally with content. + +** Fixed a crash on some systems, due to Wget casting a pointer-to-long +to a pointer-to-time_t. + +** Translation updates for Catalan. + +* Changes in Wget 1.11.3 + +** Downgraded -N with -O to a warning, rather than an error. + +** Translation updates + +* Changes in Wget 1.11.2 + +** Fixed a problem in authenticating over HTTPS through a proxy. +(Regression in 1.11 over 1.10.2.) + +** The combination of -r or -p with -O, which was disallowed in 1.11, +has been downgraded to a warning in 1.11.2. (-O and -N, which was never +meaningful, is still an error.) + +** Further improvements to progress bar displays in non-English locales +(too many spaces could be inserted, causing the display to scroll). + +** Successive invocations of Wget on FTP URLS, with --no-remove-listing +and --continue, was causing Wget to append, rather than replace, +information in the .listing file, and thereby download the same files +multiple times. This has been fixed in 1.11.2. + +** Wget 1.11 no longer allowed ".." to persist at the beginning of URLs, +for improved conformance with RFC 3986. However, this behavior presents +problems for some FTP setups, and so they are now preserved again, for +FTP URLs only. + +* Changes in Wget 1.11.1. + +** Interrupted downloads no longer result in renaming the file +(regression in 1.11 over 1.10.2). + +** Progress bar now displays correctly in non-English locales (and a +related assertion failure was fixed). + +** Wget no longer issues a GET request over HTTP for files it should +know it's not going to download (regression in 1.11 over 1.10.2). + +** Added option --auth-no-challenge, to support broken pre-1.11 +authentication-before-server-challenge, which turns out to still be +useful for some limited cases. + +** Documentation of accept/reject lists in the manual's "Types of +Files" section now explains various aspects of their behavior that may +be surprising, and notes that they may change in the future. + +** Documentation of --no-parents now explains how a trailing slash, or +lack thereof, in the specified URL, will affect behavior. + +* Changes in Wget 1.11. + +** Timestamping now uses the value from the most recent HTTP response, +rather than the first one it got. + +** Authentication information is no longer sent as part of the Referer +header in recursive fetches. + +** No authentication credentials are sent until a challenge is issued, +for improved security. Authentication handling is still not +RFC-compliant, as once a Basic challenge has been received, it will +assume it can send credentials to any URL at that same host, and not +just the ones at or below the original authenticated location. +Credentials for Digest authentication are still never saved or issued +automatically, and continue to require a challenge for each resource. + +** Added --max-redirect option, allowing the user to specify what should +be the maximum number of HTTP redirects to follow. + +** Wget now supports saving HTTP downloads using file names specified by +the `Content-Disposition' header. This is a standard way of specifying +the file name used by many web dynamically generated pages. However, the +current implementation is inefficient, and known to have bugs. It is +EXPERIMENTAL only, and not enabled by default. Use --content-disposition +to enable it. + +** The new option `--ignore-case' makes Wget ignore case when +matching files, directories, and wildcards. This affects the -X, -I, +-A, and -R options, as well as globbing in FTP URLs. + +** ETA projection is now displayed in "dot" progress output as well as +in the default progress bar. (The dot progress is used by default when +logging Wget's output to file using the `-o' option.) + +** The "lockable boolean" argument type is no longer supported. It +was only used by the passive_ftp .wgetrc setting. If you're running +broken scripts or Perl modules that unconditionally specify +`--passive-ftp' and your firewall disallows it, you can override them +by replacing wget with a script that execs wget "$@" --no-passive-ftp. + +** The source code has been migrated to Mercurial. The repositories are +available at http://hg.addictivecode.org/. Prior to this, the source +code was hosted on Subversion (migrated from the original CVS); you can +still get access to older tags and branches for Wget in the Subversion +repository at http://addictivecode.org/svn/wget/. + +* Changes in Wget 1.10. + +** Downloading files larger than 2GB, sometimes referred to as "large +files", now works on systems that support them. This includes the +majority of modern Unixes, as well as MS Windows. + +** IPv6 is now supported by Wget. Unlike the experimental code in +1.9, this version supports dual-family systems. The new flags +`--inet4' and `--inet6' (or `-4' and `-6' for short) force the use of +IPv4 and IPv6 respectively. Note that IPv6 support has not yet been +tested on Windows. + +** Microsoft's proprietary "NTLM" method of HTTP authentication is now +supported. This authentication method is undocumented and only used +by IIS. Note that *proxy* authentication is not supported in this +release; you can only authenticate to the target web site. + +** Wget no longer truncates partially downloaded files when download +has to start over because the server doesn't support Range. Instead, +with such servers Wget now simply ignores the data up to the byte +where the last attempt left off, and only then continues appending to +the file. That way the downloaded file never shrinks, and download +retries from servers without support for partial downloads work even +when downloading to stdout. + +** SSL/TLS changes: + +*** SSL/TLS downloads now attempt to verify the server's certificate +against the recognized certificate authorities. This requires CA +certificates to have been installed in a location visible to the +OpenSSL library. If this is not the case, you can get the bundle +yourself from a source you trust (for example, the bundle extracted +from Mozilla available at http://curl.haxx.se/docs/caextract.html), +and point Wget to the PEM file using the `--ca-certificate' +command-line option or the corresponding `.wgetrc' command. + +*** Secure downloads now verify that the host name in the URL matches +the "common name" in the certificate presented by the server. + +*** Although the above checks provide more secure downloads, they +unavoidably break interoperability with some sites that worked with +previous versions, particularly those using self-signed, expired, or +otherwise invalid certificates. If you encounter "certificate +verification" errors or complaints that "common name doesn't match +requested host name" and are convinced of the site's authenticity, you +can use `--no-check-certificate' to bypass both checks. + +*** Talking to SSL/TLS servers over proxies now actually works. +Previous versions of Wget erroneously sent GET requests for https +URLs. Wget 1.10 utilizes the CONNECT method designed for this +purpose. + +*** The SSL/TLS-related options have been redesigned and, for the +first time, documented in the manual. The old, undocumented, options +are no longer supported. + +** Passive FTP is now the default FTP transfer mode. Use +`--no-passive-ftp' or specify `passive_ftp = off' in your init file to +revert to the old behavior. + +** The `--header' option can now be used to override generated +headers. For example, `wget --header="Host: foo.bar" +http://127.0.0.1' tells Wget to connect to localhost, but to specify +"foo.bar" in the `Host' header. In previous versions such use of +`--header' lead to duplicate headers in HTTP requests. + +** The responses without headers, aka "HTTP 0.9" responses, are +detected and handled. Although HTTP 0.9 has long been obsolete, it is +still occasionally used, sometimes by accident. + +** The progress bar is now updated regularly even when the data does +not arrive from the network. + +** Wget no longer preserves permissions of files retrieved by FTP by +default. Anonymous FTP servers frequently use permissions like "664", +which might not be what the user wants. The new option +`--preserve-permissions' and the corresponding `.wgetrc' variable can +be used to revert to the old behavior. + +** The new option `--protocol-directories' instructs Wget to also use +the protocol name as a directory component of local file names. + +** Options that previously unconditionally set or unset various flags +are now boolean options that can be invoked as either `--OPTION' or +`--no-OPTION'. Options that required an argument "on" or "off" have +also been changed this way, but they still accept the old syntax for +backward compatibility. For example, instead of `--glob=off' you can +write `--no-glob'. + +Allowing `--no-OPTION' for every `--OPTION' and the other way around +is useful because it allows the user to override non-default behavior +specified via `.wgetrc'. + +** The new option `--keep-session-cookies' causes `--save-cookies' to +save session cookies (normally only kept in memory) along with the +permanent ones. This is useful because many sites track important +information, such as whether the user has authenticated, in session +cookies. With this option multiple Wget runs are treated as a single +browser session. + +** Wget now supports the --ftp-user and --ftp-password command +switches to set username and password for FTP, and the --user and +--password command switches to set username and password for both FTP +and HTTP. The --http-passwd and --proxy-passwd command switches have +been renamed to --http-password and --proxy-password respectively, and +the related http_passwd and proxy_passwd .wgetrc commands to +http_password and proxy_password respectively. The login and passwd +.wgetrc commands have been deprecated. + +* `wget -b' now works correctly under Windows. + +* Wget 1.9.1 is a bugfix release with no user-visible changes. + +* Changes in Wget 1.9. + +** It is now possible to specify that POST method be used for HTTP +requests. For example, `wget --post-data="id=foo&data=bar" URL' will +send a POST request with the specified contents. + +** IPv6 support is available, although it's still experimental. + +** The `--timeout' option now also affects DNS lookup and establishing +the TCP connection. Previously it only affected reading and writing +data. Those three timeouts can be set separately using +`--dns-timeout', `--connection-timeout', and `--read-timeout', +respectively. + +** Download speed shown by the progress bar is based on the data +recently read, rather than the average speed of the entire download. +The ETA projection is still based on the overall average. + +** It is now possible to connect to FTP servers through FWTK +firewalls. Set ftp_proxy to an FTP URL, and Wget will automatically +log on to the proxy as "username@host". + +** The new option `--retry-connrefused' makes Wget retry downloads +even in the face of refused connections, which are otherwise +considered a fatal error. + +** The new option `--no-dns-cache' may be used to prevent Wget from +caching DNS lookups. + +** Wget no longer escapes characters in local file names based on +whether they're appropriate in URLs. Escaping can still occur for +nonprintable characters or for '/', but no longer for frequent +characters such as space. You can use the new option +--restrict-file-names to relax or strengthen these rules, which can be +useful if you dislike the default or if you're downloading to +non-native partitions. + +** Handling of HTML comments has been dumbed down to conform to what +users expect and other browsers do: instead of being treated as SGML +declaration, a comment is terminated at the first occurrence of "-->". +Use `--strict-comments' to revert to the old behavior. + +** Wget now correctly handles relative URIs that begin with "//", such +as "//img.foo.com/foo.jpg". + +** Boolean options in `.wgetrc' and on the command line now accept +values "yes" and "no" along with the traditional "on" and "off". + +** It is now possible to specify decimal values for timeouts, waiting +periods, and download rate. For instance, `--wait=0.5' now works as +expected, as does `--dns-timeout=0.5' and even `--limit-rate=2.5k'. + +* Wget 1.8.2 is a bugfix release with no user-visible changes. + +* Wget 1.8.1 is a bugfix release with no user-visible changes. + * Changes in Wget 1.8. ** A new progress indicator is now available and used by default. @@ -56,7 +456,7 @@ addresses when accessing the first one fails. non-standard port. ** Wget now supports the robots.txt directives specified in -. +. ** URL parser has been fixed, especially the infamous overzealous quoting. Wget no longer dequotes reserved characters, e.g. `%3F' is @@ -155,7 +555,7 @@ passive_ftp is the only .wgetrc command which takes a lockable Boolean. ** A number of new translation files have been added. -** New --bind-address / bind_address =
option for people on hosts +** New --bind-address / bind_address =
option for people on hosts bound to multiple IP addresses. ** wget now accepts (illegal per HTTP spec) relative URLs in HTTP redirects. @@ -380,7 +780,7 @@ geturl -vo log http://fly.cc.fer.hr/ ---------------------------------------------------------------------- Copyright information: -Copyright (C) 1997, 1998, 2000, 2001 Free Software Foundation, Inc. +Copyright (C) 1997-2005 Free Software Foundation, Inc. Permission is granted to anyone to make or distribute verbatim copies of this document as received, in any medium, provided that