// $Id: CHANGELOG.txt,v 1.1.2.21 2008-08-25 15:11:58 junyor Exp $ Secure Site 5.x-1.4, 2008-08-25 ------------------------------- - Fixed an unreported issue where sites would not be accessible after upgrading if they were previously using the HTTP Auth with browser work-around setting Secure Site 5.x-1.3, 2008-08-23 ------------------------------- - Fixed issue 167918 (Cannot log-in under IIS): Document work-around (patch by Junyor) - Fixed issue 28408 (Authentication on PHP/CGI installations): Implement and document work-around for PHP in CGI mode (patch by NaX, Roger López, moshe weitzman, Junyor, et al) - Fixed issue 268854 (Securesite breaks drush due to problem running under cli mode): Allow Secure Site and Drush to play well together (patch by JacobSingh) - Fixed issue 103268 (Log-in dialog is displayed on public page after log-out): Don't show HTTP Auth on logout if login was done using normal Drupal login form (patch by wulff, puregin, leop, NaX, Darren Oh, Gábor Hojtsy, salvis, and Junyor) - Removed browser logout work-around option: the browser work-around is now always enabled for HTTP Auth (NOTE: You *must* manually change to the HTTP Auth mode for Secure Site to work if you previously used the browser logout work-around option) - Renamed permission from "access site" to more correct "access secured pages" (NOTE: You *must* manually enable the new permission for relevant roles or only user 1 will be able to access your site) - Make sure guests are allowed when checking if previous guest can bypass authentication - Added descriptions to each setting block and separated the guest settings - Improved watchdog message for anonymous users - Initial work on unit tests using SimpleTest (http://drupal.org/project/simpletest) - Greatly improved Doxygen documentation - Code clean-up Secure Site 5.x-1.2, 2008-04-06 ------------------------------- - Fixed issue 217482 (Logging out does not work in Safari 3): Use browser work-around for Safari, too (patch by NaX and Junyor) - Fixed issue 204191 (Password request form ineffective due to site protection): Finally make the password reset URL work with Secure Site - Fixed issue 169750 (Password reset form requires username and e-mail address, but only asks for one or the other) - Fixed issue 217466 (Logging out results in blank screen and undefined function theme() error in Apache): Let Secure Site work with normal caching (patch by NaX and Junyor) - Fixed issue where the HTML dialog wouldn't use the override dialog in the theme directory (patch by Darren Oh) - Repair page bypass feature broken in the Secure Site 5.x-1.1 release - Style improvements to the HTML dialog - Use the HTML dialog after sending password mails - Show better error messages to users - Correct the password URL sent out in password reset e-mails - Remove "for" HTML attributes on