Erlang 18.0 deprecated erlang:now/0 and this was causing compilation errors for Yaws. Add new portability functions to the yaws module: yaws:unique_triple() returns a unique 3-tuple of positive integers, and yaws:get_time_tuple() returns the current time in the same 3-tuple format as erlang:now(). Fix all Yaws modules as needed to call these functions as appropriate instead of calling erlang:now(). Add support to configure.ac, include.mk, and rebar.config.script such that these portability functions are correctly conditionally compiled depending on the Erlang erts version in use.
…levant native file system encoding
… Yaws The requirement was added for the autotools (see ff01069), but not for Rebar. This was an oversight on my part.
The old certificat was signed with sha256WithRSAEncryption algorithm, which is not supported by Erlang releases older than R15B01. So the testsuite failed on these releases. The new certificate is signed with sha1WithRSAEncryption.
And update the testsuite accordingly.
Stacktraces have a dump of arguments for function calls nowadays. Without escaping HTML special characters, it is possible to make yaws_outmod:crashmsg/3 dump strings containing something like "</pre><script>alert('Hello, XSS!')</script>" and thus results in a XSS vulnerability.
… to path
For rebar builds, rather than treating ibrowse as a normal dependency even though it's used only for testing, make rebar.config.script check for the existence of a .rebar/YAWS_DEV_MODE file and only if present, add ibrowse as a dependency. This allows projects that use Yaws as a rebar dependency to avoid having to pull in ibrowse. (Credit goes to Seth Falcon for this idea; he added something like this to the Basho webmachine project for a test-only dependency there, and I borrowed his idea for Yaws.)