summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2020-01-11TUWF::XML: Add xml_string() function + simple test scriptHEADmasterYorhel4-1/+47
2019-12-05TUWF::Validate: Add "onerror" built-in validationYorhel3-6/+25
2019-11-01dbPage: Just return the result list in scalar contextYorhel2-8/+9
This makes dbPage() useful even if you don't need its logic to determine whether there's a next page.
2019-10-01Typo fix in TUWF::Validate docYorhel1-1/+1
2019-10-01Use normal request/response flow for 404 errorsYorhel1-2/+1
i.e. don't throw an exception if no handlers matched. This way the error_404_handler is called before all the `after` hooks are run, as one would expect. The `error_404_handler` setting is the only one without a big WARNING message in the documentation, so it ought to behave like a normal route.
2019-09-08resCookie: Add support for Max-Age and SameSite propertiesYorhel2-6/+22
2019-08-15Add support for JSON::PP and Cpanel::JSON::PPYorhel6-10/+26
Mainly motivated by the fact that JSON::PP is now in core, so that's one less dependency. Cpanel::JSON::PP is supported because some people like it and to avoid loading multiple JSON modules in a single process. TUWF prefers whatever module is already in memory, so if you load JSON::PP at any point before using TUWF's JSON functionality you will not benefit from the XS performance.
2019-07-29Add TUWF::Validate::Interop::elm_decoder()Yorhel1-0/+52
2019-07-06Alright then, have it your way, version 1.4v1.4Yorhel10-9/+12
2019-07-06Version 1.3.1v1.3.1Yorhel10-9/+12
2019-07-06Fix testsYorhel2-2/+2
TBH I'm not sure why some tests failed on loading Cpanel::JSON::XS::Type, did they not have a recent enough version of Cpanel::JSON::XS installed or is my eval-skip-thing not working? ...so I'm not entirely sure if this fixes it.
2019-06-17Year + version bump for 1.3v1.3Yorhel21-20/+36
2019-02-09Fix TUWF::Misc::validate() in multiple value modeYorhel1-1/+1
2018-08-31Add option to write mail()s to the logYorhel2-1/+6
Useful when developing.
2018-08-31TUWF::Validate::Interop: Don't escape @ in html5_validation() patternsYorhel1-1/+5
2018-08-25TUWF::Validate::Interop: Update elm_type() for Elm 0.19Yorhel1-2/+2
2018-08-25TUWF::Validate::Interop: Add experimental elm type & JSON codec generatorsYorhel1-0/+82
2018-06-17Validate::Interop::coerce_for_json(): Add "unknown" config option + inherit ↵Yorhel2-6/+20
that from schema This allows doing some basic normalization (i.e. removing keys) from the generated JSON.
2018-06-10Add experimental TUWF::Validate::Interop moduleYorhel3-18/+237
2018-06-05Convert README to markdown + update links to repoYorhel5-51/+64
2018-05-13Add docs for TUWF::ValidateYorhel2-1/+576
2018-05-12Log reqJSON() on errorYorhel1-1/+4
2018-05-11TUWF::Validate: Add enum validationYorhel2-0/+12
2018-04-17TUWF::Request: Fix reqParams() and reqGets() with zero-but-defined inputYorhel1-4/+4
Broken in previous commit.
2018-04-15Integrate TUWF::Validate with the rest of TUWFYorhel6-17/+168
- Add a 'custom_validations' setting - Add tuwf->compile() to compile with that setting - Add tuwf->validate() as alternative to formValidate() The new tuwf->validate() uses internal state of TUWF::Request, which had to be changed a bit to allow for more efficient validation. Nested schemas in TUWF::Validate now also accept compiled schemas. This stuff totally needs more documentation.
2018-04-14Add experimental TUWF::Validate moduleYorhel3-9/+612
This should replace kv_validate() in the future. It's much more generic and easier to extend. Inspiration drawn from both kv_validate() and Brannigan.
2018-02-18Year + Version bump for 1.2v1.2Yorhel16-16/+41
2018-02-18Actually refer to TUWF::Intro from somewhereYorhel2-1/+5
2018-02-17Add a TUWF::IntoYorhel1-0/+304
2018-02-09TUWF::XML: Small performance improvement of xml_escape()Yorhel2-8/+6
I've tried various things to make TUWF::XML faster, but so far this is the only change that actually has some effect. Can shave off about 1% to 3% of the page load time for pages that are heavy on TUWF::XML usage. And '>' totally doesn't need to be escaped.
2018-02-09resJSON: Fix double UTF-8 encodingYorhel1-2/+1
JSON::XS::encode_json() already does UTF-8 encoding for us, so we need to treat its return value as binary.
2018-02-05Add tuwf->done and tuwf->pass, change error & before hook handlingYorhel4-76/+167
This changes the way that before hooks signal whether to continue processing or not, and is a breaking change for code that uses before hooks with a false return value. This change does not affect the pre_request_handler, so only code using the git version of TUWF is affected. This more generic control flow handling now also permits request handlers for overlapping URL regexes, and tuwf->pass can be used to pass control to subsequent handlers.
2018-02-02Actually honor the import_modules settingYorhel1-3/+3
2018-01-31Add import_modules settingYorhel2-23/+60
2018-01-30Add dbVal()Yorhel2-10/+26
2018-01-22A few more common web MIMEsYorhel1-1/+12
2018-01-05Add .svg mimeYorhel1-0/+1
2018-01-02TUWF::XML: Remove deprecated <menu> tagYorhel2-4/+4
I think I should go over the entire tag list again before the next stable release...
2018-01-02TUWF::XML: Add <main> tagYorhel2-4/+4
Apparently I wasn't using a full html5 reference. Or rather, html5 is still quite a living standard.
2017-12-28TUWF::XML: Fix 'pretty' formatting + disallow end() closing parent tagsYorhel2-4/+10
Html; Head sub { End; # this would previously generate </html>, now it's an error. };
2017-12-28doc/TUWF::XML: Use two-space indents in examplesYorhel1-22/+22
2017-12-28TUWF::XML: Re-add "xml" to export optionsYorhel1-1/+1
Fixes an omission of 35776908b286b3f31a7d14f745f5ec6641c97fd6
2017-12-27doc: Add some more "see also" modules to TUWF::XMLYorhel1-0/+4
2017-12-27TUWF::XML: Support multiple function naming flavorsYorhel3-83/+148
Read: "I've no clue which style is best and everyone has their own opinions, so let's just support everything!" This is a breaking change for the :html5 group, but that group was only added recently and did not yet make it into a stable TUWF release, so there's little actual breakage.
2017-12-26doc: Note a limitation of reqProtocol()Yorhel1-0/+5
2017-12-26TUWF::Request: Fixup: Don't decode_utf8 an ENV var + check POST param namesYorhel1-2/+3
Apparently %ENV doesn't like it when you decode_utf8() in-place, which is, admittedly, not too surprising.
2017-12-26TUWF::Response: Set relative Location in resRedirect()Yorhel2-4/+4
This fixes redirects in the scenario where the reqBaseURI() is not correct, which may happen if there is a HTTPS-terminating proxy in between that TUWF is not aware if (i.e. reqProtocol() is wrong) or when the site is running on a non-standard port and this is not reflected in reqHost(). I've always found the absolute Location header a silly requirement, so I'm glad that RFC 7231 now allows a relative URI.
2017-12-26TUWF::Request: Check for control characters on all client inputYorhel2-29/+29
Seems much safer. I've not tested this patch as well as I'd like, I'll do some more testing later to see if I broke something.
2017-12-24TUWF::Request: Disallow ASCII control codes in urlencoded dataYorhel1-0/+3
This only catches trivial malicious url-encoding attacks; Such control codes can still get in through multipart form data or perhaps even URLs. I'll see if I should protect against those other injection methods, too.
2017-12-24Spice up the default error pages a bitYorhel1-13/+37