NaviServer 4.99.18 檔案已經被放上去
SourceForge,所以可以下載了。
這次的更新內容可以看
這裡。
New Features:
-------------
- Added ability to provide memory sizes via memory units (kB, MB, GB,
KiB, MiB, GiB) in the configuration files and commands. We follow
the approach taken by e.g. PostgreSQL and use 1024 as
multiplicator, which is e.g. useful for buffer sizes. All memory
sizes in the config files can be specified in memory
units. Currently, the only commands supporting memory units are
ns_cache_create, ns_cache_configure and ns_http. The configuration
based on integers without memory units continues to work.
- Portable config files (windows compatibility)
Rationale: unixoid platforms use traditionally ".so" as extension
of binary modules, no matter what "info sharedlibextension" is. On
macOS, the sharedlibextension returns ".dylib", while the module is
named ".so". Under windows, it seems that the extension of the module
has to be ".dll", so we can't write portable config
files without extra effort.
The new code tries now first to load the library as specified for
backward compatibility (maybe containing a file extension). When
this fails, it tries to append either ".so" in unixoid platforms or
".dll" under windows.
- new API call: ns_db currenthandles
Return information about handles currently allocated to the thread
performing this call. The result contains a dict with the pools,
from which handles were allocated, the names of the handles and
their "active" state (a handle is active between a "ns_db select"
and the last "ns_db getrow" statement). If no handles are allocated
by this thread, empty is returned.
For example, a possible result is "main {nsdb0 1} subquery {nsdb1
0}" indicating that the current thread has allocated handles from
pool "main" and "subquery", but the handle from pool "main" (i.e.
"nsdb0") is currently active (during a select).
This feature requires Tcl 8.5 or newer.
- More security features: SameSite support for cookies
The command ns_setcookie supports now the flag "-samesite" with
permissible values "strict|lax|none". When the flag is set it
prevents the browser from sending this cookie along with cross-site
requests to mitigate cross site scripting attacks. Permissible
values are [term strict], [term lax], or [term none]
(default). While the value [term strict] prevents sending the
cookie to the target site in all cross-site browsing context, the
value of [term lax] allows sending the cookie when the user clicks
on regular links. For details, see
https://www.owasp.org/index.php/SameSite
The "SameSite" cookie flag is not yet part of an RFC, but most major
browsers support it. Browsers that do not support it, ignore the flag
silently (see https://caniuse.com/#search=samesite).
Although most cookies should probably use the flags, in order to
provide backward compatibility, the flag can't be activated by
default on all cookies.
- Better entries in server log for scheduled procedures.
With this change, one can determine exactly, which scheduled thread
was executing an instance of which scheduled procedure. Similarly
as for connection threads, one can now distinguish, whether two
log-entries are from the same instance of a scheduled proc or from
different ones.
- nsdb stats: Return as well number of currently connected DB connections.
目前還沒有編譯和測試,晚上我會試著升級我目前使用的版本。
