Bug 943: Refuse user JS actions in unfocused tabs

[elinks/elinks-j605.git] / NEWS

Release info
============

You can see the complete list of recent changes, bugfixes and new features
in the http://repo.or.cz/w/elinks.git[gitweb interface]. See the ChangeLog
file for details.

ELinks 0.13.GIT now:
--------------------

To be released as ELinks 0.13.0.

Incompatibilities:

* The protocol.fsp.sort option has been removed.  ELinks always sorts.
* bug 1024: Verify the host name or IP address in the server certificate
  if connection.ssl.cert_verify is not 0.

Miscellaneous:

* major bug 181: Slave ELinks processes can now run an external editor.
  This used to work in the master process only.
* major bug 722: Filter CSS according to media types.  New option
  document.css.media.
* bug 638: Propagate the existence of $DISPLAY from slave terminals to
  mailcap test commands.
* bugs 762, 1082: Small memory leak in goto_current_link/goto_imgmap
* bug 963: New option document.css.ignore_display_none.
* bug 977: Fixed crash when opening in new tab a non link with onclick
  attribute.
* bug 983: Give preference to the Content-Type specified in the HTTP
  header over that specified via the HTML meta tag.
* bug 1008: File upload fields in HTML forms now stream the files to
  the server, instead of reading them to memory in advance.  This lets
  you upload larger files.  The downsides are that ELinks may use a
  cached response even if you have modified a file between requests,
  and that ELinks can send inconsistent data if you modify a file
  while it is being uploaded.
* bug 1054: Don't abort downloads when closing the terminal from which
  they were started.  When such a download ends, display the message
  in the most recently used terminal.  If the user chooses
  ``Background and Notify'' via the download manager in some terminal,
  reassociate the download with that terminal.  These changes do not
  apply to downloads to external handlers.
* bug 1112: Map most numeric character references € ... Ÿ
  to graphical characters also when the output charset is UTF-8.
  (ELinks 0.12pre1 was the first release that supported UTF-8 as the
  terminal charset, and ELinks 0.12pre5 was the first release that
  supported UTF-8 as the dump charset.)
* Really retry forever when connection.retries = 0.
* minor bug 1113: Fix a small memory leak if a mailcap file is malformed.
* minor bug 1114: Decode SGML entities and NCRs only once in link/@title
  and other attributes.
* enhancement: Session-specific options.  Any options changed with
  toggle-* actions no longer affect other tabs or other terminals.
* Do not crash when document.browse.minimum_refresh_time = 0 and
  a document has a meta refresh with a delay of 0.
* Properly update link highlighting and status bar information when the
  repeat prefix is changed.
* enhancement 15: Domain-specific options.  Use set_domain in
  elinks.conf to e.g. disable cookies for google.com.  The option
  manager window does not yet support this.
* enhancement 867: Use bracketed paste mode on xterm.  This requires
  xterm patch #228 or later configured with --enable-readline-mouse.
* enhancement 824: Experimental support for combining characters.
  See features.conf for details.
* enhancement: Add a new entry Link Info under Link main menu.
* enhancement: Indicate backgrounded downloads using an unused led.
* enhancement: Display the number of ECMAScript interpreters that have
  been allocated for documents in the Resources dialog.
* Fedora enhancement 346861: Add support for nss_compat_ossl library
  (OpenSSL replacement).
* enhancement: ``elinks --dump'' uses box-drawing characters if supported
  by the charset.
* enhancement 1070: Support 256 colors on fbterm-1.4.
* enhancement 1075: Scrolling the entire contents of dialog boxes.
  Especially useful for multi-file BitTorrent downloads.
* Report if the Lua function edit_bookmark_dialog receives the wrong
  number or types of arguments instead of silently failing.
* enhancement: Add ``Invalidate'' button to the cache manager.
* enhancement: Add ``Search contents'' button to the cache manager with
  which one can search through the cache items' data rather than their
  metadata.
* enhancement: Add rudimentary support for the HTML5 media elements,
  <video> and <audio>.
* enhancement: Add move-half-page-up and move-half-page-down actions.
* enhancement: Add option to change overlap for vertical scrolling.
* enhancement: HTML meta refresh allows semicolons in URLs, and the
  syntax is more like in Firefox.
* link against lua51 not lua50
* SpiderMonkey must be 1.8.5 or later.  Find it with pkg-config.
* using iconv for some multibyte charsets. It works if the terminal codepage
  is UTF-8. More charsets will be added on demand.
* Dropped support for SEE

//////////////////////////////////////////////////////////////////////
The following changes should be removed from NEWS before ELinks 0.13.0
is released.  They are currently listed here just to show that they
have already been considered.

* Fixed bugs that were not in previous versions:
  - blocker bug 1123: segfault on https with openssl + cert_verify=1
    (caused by the bug 1024 fix, which was not applied to elinks-0.12)
  - critical bug 1009: assertion failure in add_snippets()
    (mostly reverted)
//////////////////////////////////////////////////////////////////////

ELinks 0.12pre5.GIT now:
------------------------

To be released as 0.12pre6 or 0.12rc1.

Bugs that should be removed from NEWS before the 0.12.0 release:

* critical bug 943: Don't let user JavaScripts call any methods of
  ``elinks.action'' in tabs that do not have the focus.  If a tab was
  closed with ``elinks.action.tab_close'' while it had pop-up windows,
  ELinks could crash; as a precaution, don't allow other actions
  either.  ELinks 0.12pre1 was the first release that supported
  ``elinks.action''.

ELinks 0.12pre5:
----------------

Released on 2009-07-08.

* Debian bug 534835: Check the return values of some SpiderMonkey
  functions, to avoid crashes if out of memory.
* minor bug 1017: To work around HTTP server bugs, disable
  protocol.http.compression by default, until ELinks can report
  decompression errors or automatically retry the connection.
* enhancement: The French translation was updated.

Bugs that should be removed from NEWS before the 0.12.0 release:

* critical bug 1081: To fix crashes caused by different definitions of
  regfree() in TRE and in the system libc, link with TRE before any
  other libraries.  ELinks 0.12pre4 was the first release that had
  this bug.
* Searching for more than one fullwidth (e.g. Japanese) character now
  works.
* bug 1080: Support ``--dump-color-mode'' with ``--dump-charset UTF-8''.
  Neither of those worked before ELinks 0.12pre1.

ELinks 0.12pre4:
----------------

Released on 2009-05-31.  This release also included the changes listed
under ``ELinks 0.11.6'' below.

Incompatibilities:

* Debian build bug 529821: Use ``pkg-config gnutls'' instead of
  ``libgnutls-config'', which is not included in GNUTLS 2.7.x.
  You can no longer specify the location of GNUTLS using
  ``configure --with-gnutls=DIR''.

Other changes:

* critical bug 1077: Fix crash opening a ``javascript:'' link in a new
  tab.
* Debian bug 528661: If using GNUTLS 2.1.7 or later, disable various
  TLS extensions (including CERT and SERVERNAME) to help handshaking
  with the SSLv3-only bugzilla.novell.com.
* Debian build bug 526349: Include asciidoc.py from AsciiDoc 7.1.2,
  to remove all dependencies on the installed version.
* build enhancement: Recognize ``configure --without-tre''.

Bugs that should be removed from NEWS before the 0.12.0 release:

* critical bug 1071: Fix crash in get_dom_node_child.  ELinks 0.12pre1
  was the first release that had this bug.
* bug 765: Opening a new tab no longer asks about the document of the
  previous tab.  ELinks 0.12pre1 was the first release that had this
  bug.

ELinks 0.12pre3:
----------------

Released on 2009-03-29.  This release also included the changes listed
under ``ELinks 0.11.6'' below.

Incompatibilities:

* bug 1060: Regexp searching now requires the TRE library.
* lzma disabled by default. It's rarely used and doesn't build with new xz.

Other changes:

* critical: Fix assertion failure if IMG/@usemap refers to a different
  file.
* Preserve newlines in hidden input fields, and submit them as CRLF.
  Previously, they could turn into spaces or disappear entirely.
* Perl scripts can use modules that dynamically load C libraries, like
  XML::LibXML::SAX does.
* bug 153: Preserve Unicode characters in XBEL bookmark files.
  However, Unicode in URIs (really IRIs) does not work reliably yet;
  this is being tracked as bug 1066.
* bug 885: Convert xterm titles to ISO-8859-1 by default, but add an
  option to disable this.  When removing control characters from a
  title, note the charset.  Don't truncate titles to the width of the
  terminal.
* bug 1061: Correctly truncate UTF-8 titles in the tab bar.
* bug 1068: ELinks used to display a blank or truncated page if an
  HTTP/1.1 server sent a compressed body with incorrect Content-Length.
  That has now been fixed, and a new option (protocol.http.compression)
  has been added.
* Don't crash when the search-toggle-regex action is used and no regular
  expression support is compiled in.
* minor bug 761: When reading bookmarks from an XBEL file, distinguish
  attribute names from attribute values.
* enhancement: Updated ISO 8859-7, ISO 8859-16, KOI8-R, and MacRoman.
* lzma disabled by default. It's rarely used and doesn't build with new xz.

Bugs that should be removed from NEWS before the 0.12.0 release:

* critical bug 1067: Fixed a crash in the RSS parser that ``configure
  --enable-html-highlight'' enables.  ELinks 0.12pre1 was the first
  release that had this bug.
* bug 1069: ELinks didn't report ECMAScript errors, even if the
  ecmascript.error_reporting option was turned on.  ELinks 0.12pre2
  was the first release that had this bug.

ELinks 0.12pre2:
----------------

Released on 2008-09-21.  This release also included the changes listed
under ``ELinks 0.11.5'' below.

* bug 954, enhancement 952: Keep track of ECMAScript form and input
  objects instead of constructing new ones on every access.  When the
  corresponding ELinks internal objects are destroyed, detach the
  ECMAScript objects from them, to prevent crashes.  (Bug 954 was
  first added in ELinks 0.11.4, and the bug 620 fix in ELinks 0.12pre1
  made crashes more likely.)
* critical bug 1029 in user SMJS: Prefer JS_CallFunctionValue over
  JS_CallFunction, which can crash if given a closure.
* critical bug 1031: Use the same JSRuntime for both user SMJS and
  scripts on web pages, to work around SpiderMonkey bug 378918.
* bug 1013: Don't assume errno values are between 0 and 100000.
* bug 1022: Add connection.ssl.trusted_ca_file setting for GnuTLS.
  Before this, ELinks did not trust any certificate authorities when
  it used GnuTLS, so certificate verification always failed if you
  enabled it at connection.ssl.cert_verify.
* bug 1040: Blacklist servers that don't support TLS.  This reduces
  SSL errors especially in HTTP POST requests using GnuTLS.
* bugs 1007, 1041: Display unrecognized lines in FTP directory
  listings, instead of annoying the user with error messages.
* Hurd bug 22861: Work around select() falsely reporting exceptions
  in pipes.
* minor bug 951: SpiderMonkey scripting objects used to prevent ELinks
  from removing files from the memory cache.
* build bug 1044: Check whether -rdynamic works with libraries.
  With Sun Studio 11 on Solaris 9, it reportedly doesn't.

Bugs that should be removed from NEWS before the 0.12.0 release:

* critical: Fix crash after a tab was opened during reload.  This was
  triggered by the bug 620 fix in ELinks 0.12pre1.
* critical bug 1018: Avoid an assertion failure when selecting a value
  from a pop-up menu for an input field in a tab that is no longer
  current, e.g. because another tab was opened with elinks -remote.
  This bug was first released in ELinks 0.12pre1.
* major bug 1026 in user SMJS: Protect the callback of elinks.load_uri
  from the garbage collector.  The elinks.load_uri method was added in
  ELinks 0.12pre1.
* bug 955: Reset buttons no longer run FORM/@onsubmit, and
  ``harmless'' buttons no longer submit the form.  ELinks 0.12pre1
  was the first release that had these bugs.
* bug 1033: Fix memory leak in ECMAScript window.open.  ELinks 0.12pre1
  was the first release that had this bug.
* bug 1034: ``Content-Encoding: deflate'' allows a zlib header as
  specified in RFC 2616.
* Global ECMAScript functions alert, open, and setTimeout again work
  with SEE.  ELinks 0.12pre1 was the first release that supported SEE
  at all.
* build bug 1045: Fix ``void function cannot return value'' in
  never_for_this_site() of src/formhist/formhist.c.  ELinks 0.12pre1
  was the first release that had this bug.

ELinks 0.12pre1:
----------------

Released on 2008-07-01.  This release also included the changes listed
under ``ELinks 0.11.4'' below.

Notable new features:

* enhancement 822: UTF-8 as terminal charset, not merely UTF-8 I/O
  of a unibyte codepage as in previous versions.  Double-cell (aka
  fullwidth) and supplementary characters work too, but combining
  characters and right-to-left text do not.  The only multibyte
  charset ELinks can decode is still UTF-8, so if the server outputs
  e.g. Shift-JIS, you'd better recode with a proxy.  See more notes
  in features.conf.
* enhancement 844: SMB protocol using libsmbclient.  This replaces
  the smbclient-based code that was disabled in ELinks 0.11.2.
  Unfortunately, Samba 3.2.0 and later seem GPLv2 incompatible.

Incompatibilities:

* ECMAScript support is now disabled by default.  It has known
  bugs 548 and 771 with which malicious web pages can hang ELinks,
  and its security goals are undocumented.  If you must enable
  ECMAScript support, it would be prudent to restrict the ELinks
  process with a sandbox of some kind.
* ECMAScript support no longer works with SpiderMonkey versions
  earlier than JS1.5 RC3a.
* Gzip decompression support now requires zlib 1.2.0.2 or later.
* bugs 871, 752: The numbering of terminal.*.colors no longer depends
  on config options.  This change makes elinks.conf portable between
  different configurations but unfortunately not between this and
  previous versions.
* Changed Python goto_url_hook(current) to goto_url_hook(new).  The
  hook can call the new function elinks.current_url() if desired.
  The Python scripting back-end is much more featureful than in
  previous releases, but it is still considered experimental.
* Guile scripting reads hooks.scm rather than internal-hooks.scm.
  (It still reads user-hooks.scm, too.)

Miscellaneous:

* critical bug 723: fix dangling pointer crash when following a link
  in a frame
* critical bug 756: ``assertion (cached)->object.refcount >= 0 failed''
  after HTTP proxy was changed
* critical bug 869: long mailcap entry buffer overflow (non-security)
  when downloading
* tabs opened by -remote now go behind existing dialogs
* major bug 534, enhancement 517: fix HTTP gzip and bzip2
  decompression, and add deflate and LZMA (requires LZMA Utils)
* major bug 503: various fixes in parsing and updating of elinks.conf
* Debian bug 257762: turn terminal transparency off by default
* bug 770: when the user chooses to resume an HTTP download, abort the
  automatically started one and start a new one with the right range
* bug 724: better parsing of escape sequences and control
  sequences from the terminal
* bug 948: fix wrong UTF-8 output after the charset menu was used
* bug 816: convert entity references in input/@value only once
* bug 916: if a mailcap entry has no %s, provide the file as stdin
* bug 744: don't change ``//'' to ``/'' in URIs
* bug 766: speed up CSS
* bug 355: add documents displayed via ``What to do'' dialog to the
  global history
* encode and decode filenames in FSP URLs
* don't use a busy cache entry if it has expired or should be
  reloaded.  See elinks-users mail from 28 Oct 2005.
* several accesskey fixes
* in Lua: don't write to the string returned by lua_tostring
* minor bug 972: preserve the background color and underlining in
  spaces when justifying
* minor bug 284: render closing bracket for HTML element SUB in the
  same line; don't let it fall to the next
* minor: show quote characters for HTML element Q, rather than italics
* trivial bug 387: treat &#013; inside <pre>...</pre> as a newline
* trivial bug 930: refresh status bar when key prefix is eaten
* trivial bug 776: ``elinks -remote http://elinks.cz/'' no longer clears
  the screen
* enhancement 790: If-Modified-Since and If-None-Match
* enhancement: HTTP negotiate-auth using GSSAPI
* enhancement: FSP progress indicator and password prompt
* enhancement: autocreate directories needed to download a file
* enhancement: ``Add server'' button in the cookie manager
* enhancement 887: ``Save'' in the cookie manager now saves cookies
  even if unmodified
* enhancement 145: internal clipboard support
* enhancement: new main actions move-cursor-line-start,
  move-link-down-line, move-link-left-line, move-link-right-line,
  move-link-up-line
* enhancement: new edit actions kill-word-back, move-backward-word,
  move-forward-word
* enhancements 687, 688: options ui.tabs.top, ui.show_menu_bar_always
* enhancement: highlight links as one enters link prefixes
* enhancement: backspace backs out the last digit of the prefix
* enhancement: in text type-ahead searching, don't follow current link
  on enter
* enhancement: add support for parsing space separated CSS class
  attribute values
* enhancement: make meta refresh content attribute parsing more tolerant
* enhancement: recognize meta http-equiv="cache-control" even if no
  refresh
* enhancement: mouse wheel support over GPM (contrib/gpm-wheel.patch),
  and on BSD via moused -z 4
* enhancement: 24-bit truecolor mode
* enhancement 622: -dump-color-mode
* enhancement 994: treat only termios.c_cc[VERASE] as "Backspace"
* enhancement: support Ctrl+Alt+letter key combinations
* enhancement 381: reduce memory consumption of codepages and some
  other arrays
* enhancement in user SMJS: new properties/functions elinks.action,
  elinks.execute, elinks.globhist, elinks.load_uri, elinks.vs

Build system and compile-time errors (ignore if you don't build ELinks):

* serious Debian bug 464384: fix warnings in alignof, ssl_connect, and
  printing of off_t values
* bug 725: fix version checking for Ruby in 'configure'
* enhancement: if make -k was used and a sub-Make fails, build the
  rest before propagating
* enhancement: make uninstall
* experimental enhancements: --with-python=DIRECTORY, --with-gc=DIRECTORY
* experimental enhancement: Win32 port (build with MinGW MSYS)

Changes in the experimental ECMAScript support:

* disabled by default, as mentioned under ``Incompatibilities'' above
* execute event-handler scripts as function bodies, so ``return''
  statements work as intended
* fix error ``forms.namedItem is not a function''
* enhancement: SEE ECMAScript backend, an alternative to SpiderMonkey
* enhancement: handling onsubmit
* workaround: window.open remembers the last few URLs and doesn't
  reopen them when incremental rendering reruns the onload script
* enhancement: better handling of form.action assignments
* enhancement: form[x] looks up controls also by 'id', not only 'name'
* enhancement: added document.location.href, input.selectedIndex,
  window.setTimeout, window.status

Changes in the experimental NNTP client:

* HTML escape header field values
* Add support for handling RFC2047 encoded words
* Improve listing of articles for groups

Changes in the experimental SGML/DOM implementation:

* enhancement: minimalistic RSS renderer
* enhancement: source highlighting also recognizes
  application/xhtml+xml and application/docbook+xml.  It doesn't yet
  support arbitrary XML though.
* enhancement: make it possible to use more CSS properties with the
  source highlighting
* enhancement: handle <base href=""> for HTML source rendering
* enhancement: add support for scanning comment endings such as
  '--!>' correctly
* enhancement: incremental parsing
* and more.

ELinks 0.11.6.GIT now:
----------------------

To be released as 0.11.7.

* critical bug 1077: fix crash opening a ``javascript:'' link in a new
  tab

ELinks 0.11.6:
--------------

Released on 2009-03-21.

* critical: fix double-free crash if EOF immediately follows </MAP>
* critical bug 1053: fix crash if a download finishes after ELinks has
  closed the terminal from which the download was started
* major bug 1004: ignore locales when comparing HTML element names and
  similar strings, so e.g. ``title'' matches ``TITLE'' even in the
  Turkish locale
* minor: clicking a link with the mouse activates that link, rather
  than the one selected with move-cursor-* actions
* build bug 1047: attempt to make inline functions satisfy C99 6.7.4p3
  so that ELinks can be built on OpenSolaris

ELinks 0.11.5:
--------------

Released on 2008-09-21.

* critical bug 1027 in user SMJS: make elinks.keymaps treat null and
  "none" as equivalent actions, avoiding a segfault
* critical bug 1030: an assertion used to fail in the search dialog
  on systems that lack a usable <regex.h>
* major bug 503: various fixes in parsing and updating of elinks.conf
* bug 698: Attach controls to the intended form even if it is
  incorrectly nested in a table.  (Was broken in 0.11.4.)
* build bug 1021: fixed uninitialized variable in http_got_header
* build: don't use libgnutls-openssl, which is no longer GPLv2
  compatible in GnuTLS 2.2.0

ELinks 0.11.4:
--------------

Released on 2008-06-20.

* critical bug 755: fix crashes due to dangling pointers to struct
  form_state
* critical bugs 613, 714, 961: ``assertion list_empty(form_controls)
  failed''
* critical bug 945: don't crash if a Lua script calls e.g. error(nil)
* critical bug 1003: don't crash if a smart URI rewrite template gets
  too few parameters
* critical bug 1016: avoid JSFunctionSpec for better compatibility
  across versions of SpiderMonkey
* critical bugs 674, 956: don't reuse pointers to SpiderMonkey objects
  that may have been collected as garbage.  This fix causes bug 954.
* CVE-2007-2027: check if the program path contains "src/" before
  using ../po files
* important Debian bug 380347: prevent a buffer overflow in entity_cache
  and a possible subsequent crash
* major bug 788: don't read STRLEN n_a, which isn't initialized by
  POPpx of Perl v5.8.8 and later
* fix query parsing in file: URIs for local CGI (was broken in 0.11.3)
* bug 691: don't look up bogus IPv4 addresses based on characters of a
  hostname
* bug 712: GnuTLS works on https://www-s.uiuc.edu/[]
* fix active and passive FTP over IPv6
* bug 938: elinks -remote no longer needs a controlling tty
* bug 939: fix FSP directory listing (some compiler options left it empty)
* bug 978: Python's webbrowser.open_new_tab(URL) works since now
* bug 1012: compile with -fno-strict-overflow or -fwrapv if available
* bug 1014: fix incompatible pointer type in Perl_sys_init3 call
* minor bug 54, Debian bug 338402: don't force the terminal to 8 bits
  with no parity, and don't disable XON/XOFF flow control either
* minor bug 951 in user SMJS: garbage-collect SMJS objects on 'File ->
  Flush all caches' to work around their holding cache entries busy
* minor bug 396: never show empty filename in the what-to-do dialog
* minor bug 461: ensure contrast in blank areas, to keep the cursor visible
* minor bug 928: properly display no-break spaces in a UTF-8 document
  if the terminal uses some other charset
* minor bug 987: English spelling and grammar corrections
* minor bug 1000: preserve any query and fragment when converting a
  file name to a file:// URL
* minor: don't assume sizeof(int)==4 in bittorrent
* trivial bug 947: document.html.wrap_nbsp also affects text in tables
* trivial bug 997: fix unlikely stack corruption in active FTP
* build bug 1002: fix ``comparison is always true due to limited range
  of data type'' warning on PowerPC and s390
* build bug 950: fix ``config/install-sh: No such file or directory''
  on SunOS
* build bug 936: fix errors about undefined off_t (autoheader
  incompatibility)
* build bug 959: test in configure whether -lX11 works
* build: update SpiderMonkey configure check Debian compatibility
* build: use $(CPPFLAGS) rather than $(AM_CFLAGS)
* build: disable GCC 4.2 warning about builtin_modules
* build: move debian/ to contrib/debian/
* minor build bug 989: AsciiDoc 8.2.2 compatibility
* minor build bug 960: fix errors in loadmsgcat.c if mmap() exists but
  munmap() doesn't

ELinks 0.11.3:
--------------

Released on 2007-04-15.

* critical bugs 846, 870: fix crashes in web ECMAScripts and SMJS user
  scripting
* critical bug 927: fix null pointer crash if META Refresh is in a
  table cell
* critical bug 941: fix assertion failure or memory corruption if FTP
  server responds to PASV with status 200
* critical bug 729 in experimental BitTorrent: fix crashes with
  various bogus BitTorrent URLs
* critical bug 868: fix segfault in check_timers
* critical bugs 897, 919: fix crashes on operating systems lacking
  mremap()
* critical: fix null pointer crash if XBEL bookmark has no title
* critical bug 760: fix crash when moving bookmarks out of a folder
* critical: fix crash in an empty file-extensions menu
* critical bug 715: fix null pointer crash caused by malformed proxy
  setting
* critical: fix SMJS null pointer crash on exit
* critical bug 880 in experimental Python scripting: fix null pointer
  crash with -no-home
* major Gentoo bug 121247: fix segfaults in Ruby user scripting
* major bug 908: don't write to freed memory when the user pushes a
  radio button
* major bug 937, CVE-2007-5034: don't send the entire HTTPS request to
  a CONNECT proxy
* bug 899, Debian bug 403139: recognize >2GB files in FTP directory
  listing, if off_t is large enough
* bug 942: encode/decode file names in FTP URLs, so they can contain
  spaces
* bug 741: don't recognize HTML comments inside STYLE elements
* bug 769: fix MD5 computation/formatting in HTTP digest
  authentication
* fix POST to local CGI
* remove a garbage character from the end of the authentication prompt
* bugs 872, 886: editing or deleting cookies in the cookie manager
  should cause a save
* secure file saving: restore umask after *all* failure conditions
* decode the fragment identifier extracted from the URI when looking
  it up
* bug 768 in experimental Python scripting: link with e.g. -lpython2.4
  rather than -lpython
* minor bugs 830, 831: changes in parsing of -remote arguments
* minor Debian bug 313696 and other translation updates
* enhancement 24: fix searching past unselectable elements in menus
* enhancement: recognize function keys and backspace/delete on FreeBSD
* enhancement 772: recognize Shift-Tab on XTerm
* enhancement: place cursor on listbox rather than button, to help
  screen readers
* enhancements in text wrapping
* enhancement 767: recognize URL in META Refresh even without "URL="
* enhancement 396: search for "<html>" if the server doesn't specify a
  Content-Type

ELinks 0.11.2:
--------------

Released on 2006-11-19.

* critical bug 841, CVE-2006-5925: prevent enabling the SMB protocol
* critical bug 786: fix crash when following a link in frames
* print off_t with custom OFF_T_FORMAT instead of PRId64
* build: Minix3 compatibility

ELinks 0.11.1:
--------------

Released on 2006-01-29.

* work around null pointer crashes in HTTP digest authentication
* fix assertion failure with document.plain.display_links and
  uppercase URIs
* fix Gopher crashes
* enhancement 630: native FSP protocol support (replaces CGI program
  in contrib/cgi/)
* SMJS user scripting: check for hooks.js before trying to load it
* SMJS user scripting: the elinks.preformat_html hook gets a second
  argument: a view_state object with .uri and .plain properties
* bug 921 in Lua scripting: fix current_document_formatted
* if given "a?b" in the command line, try to guess whether the
  question mark is part of the file name or indicates a query part
* updated character entity list from unicode.org
* build: use asciidoc -unsafe for AsciiDoc 7.0.4 compatibility
* build bug 738: fix "/config.charset" error triggered by building in
  the source directory

ELinks 0.11.0 (Elated):
-----------------------

Released on 2006-01-01.

* SSL support via GNUTLS now requires 1.2 or higher
* support for Lua 4.x was dropped, we only support Lua 5.x now
* Python scripting back-end (experimental)
* Spidermonkey based ECMAScript scripting back-end (experimental)
* 88 colors support
* default URI-rewrite rule, used when no other rules match but the string that
  was entered in the Go to URL box does not resemble a URI
* support prefixes for add-bookmark-link, document-info, goto-url-current-link,
  history-move-back, and history-move-forward
* BitTorrent protocol (experimental)
* FSP protocol via a CGI script (see contrib/cgi/README.FSP) (experimental)
* enhancement 694: sysmouse support on the BSD console
* new GNU make based build system (aclocal from automake is still required)
* move from CVS to GIT

ELinks 0.10.6:
--------------

Released on 2005-09-15.

* external editor is configurable at run-time

ELinks 0.10.4:
--------------

Released on 2005-04-06.

* explicit keyboard accelerators were defined for buttons in dialogue boxes and
  are now highlighted

ELinks 0.10.2:
--------------

Released on 2005-01-30.

* Ruby scripting back-end (experimental)
* Debian package files (apt-get install devscripts && debuild -uc -us)

ELinks 0.10.0 (Thelma):
-----------------------

Released on 2004-12-24.

* licensed under GPLv2 only
* simple CSS
* simple JavaScript/ECMAScript support by the SpiderMonkey Mozilla JS engine
* plain-text mark-up (_^Hx to underline, x^Hx to embolden)
* HTML source high-lighting using DOM implementation
* multiple URIs on the command line
* tabs moving (press Alt-'>' or Alt-'<')
* periodic snapshotting of all tabs in all terminals
* exmode CLI support (press ':' followed by action and args) (experimental)
* cursor routing (aka w3m-style navigation)
* modal text-input form-fields editing (enabled by default)
* manual cookies creating and editing
* incremental searching (press '#/')
* Perl scripting back-end (experimental)
* build-time configurability and feature documentation through features.conf
* Mozilla-compatible -remote option (http://www.mozilla.org/unix/remote.html[])
* support for specifying IP family as protocol postfix (e.g. http4 or ftp6)
* internationalized domain names via libidn (RFC 3490)
* data URI protocol (RFC 2397)
* gopher protocol (RFC 1436)
* NNTP protocol (RFC 977 and RFC 2980) (experimental)
* build system fine-tuned to use automake conditionals
* -localhost option to block connections to remote hosts
* -verbose option to control messages printed at startup
* -default-keys command line option to ignore user-defined keybindings
* -confdir option renamed to -config-dir
* -conffile option renamed to -config-file
* enhanced documentation

ELinks 0.9.2:
-------------

Released on 2004-09-24.

* directional links navigation
* 'unset' configuration directive, which can be used, e.g., to delete default
  MIME type settings or external protocol handlers.

ELinks 0.9.1:
-------------

Released on 2004-01-23.

* support <object> tags by displaying a link to the data
* add beginning-of-buffer and end-of-buffer actions for text fields
* automatic session saving/restoring support (disabled by default)
* add-bookmark-tabs (bookmark all tabs) option and menu item
* fold successive blank lines when displaying a plain-text document
  (disabled by default; use the option document.plain.compress_empty_lines)
* 'fresh' color for any tab that has not been selected
  since its document was loaded

ELinks 0.9.0 (Skyrider):
------------------------

Released on 2003-12-24.

* used gettext for internationalization
* support for background document colors
* tabs support
* new MIME subsystem adding mimetypes files support
* local CGI support
* Guile scripting extensions
* HTML meta refresh
* forms history
* 256 colors support
* regex searches
* cookies manager, cache manager and download manager
* document marks support
* displaying URIs in plain documents as links
* SMB protocol support (requires smbclient)
* builtin user prefixes support (enter 'gg' or 'gg:elinks' to the goto dialog)
* HTTPS proxy support
* typeahead link searching (press '#')

ELinks 0.4.0 (Iceberg):
-----------------------

Released on 2002-12-24.

* merged HTTP_AUTH
* basic proxy auth support
* cookies parser rewritten
* support for tabindex,accesskey,title attribute
* FTP support dramatically improved: bugfixes, interoperability fixes, passive
  mode support, ...
* global history support (+vlink support)
* make some modules (cookies,bookmarks,globhist,..) optional at compile time
* secure saving support (see secure_save option desc. if you're doing weird
  things with your links files like symlinking or nonstandart permissions!!!)
* support for utf8 i/o
* mouse wheel support
* portability enhancements
* performance enhancements
* file/http gzip/bzip2 decompression support
* downloads resuming support
* mailcap support
* hierarchic bookmarks support, XBEL bookmarks support
* source layout was dramatically reorganized
* relocated ELinks configuration files, changed format (if you are upgrading
  from Links or older ELinks version, read INSTALL file to see how to convert
  your old config files!!!)
* options are now in tree hierarchy and are configurable generically
* keybindings can be configured from the user interface
* colorful user interface
* tiny useless LED-like indicators support
* GNUTLS support parallel to the OpenSSL support (fixes some license issues)
* extensive memory debugging support

ELinks 0.3.0:
-------------

Released on 2002-03-02.

* unhistory
* external textarea editor
* DNS rewrite - we handle multi RR per host correctly
* IPv6 support
* rewritten options handling
* bookmarks filtering (aka bookmarks search)
* bookmarks resaving (save on the disk after every change)
* added possibility to change default colors settings

Links 0.96-pb3:
---------------

Released on 2001-10-26.

* secured cookies file creation
* support for title attribute of img tag
* Catalan translation
* Romanian translation
* changing of User-Agent string sent to webserver
* <listing> tag support

Links 0.96-pb2:
---------------

Released on 2001-10-06.

* cookies expiration, saving and resaving
* do NOT strip everything after ? in form action
* http referrer, true http referrer
* limited textarea external editor support
* partial fix of &#13;
* enhanced manual page
* fixed multi-level HTTP moved when using -dump/-source
* fixed keybindings