Skip to content
Commits on May 3, 2011
  1. @jonjensen

    Remove outdated CVS tags

    jonjensen committed May 3, 2011
Commits on Apr 2, 2011
  1. @jonjensen

    Enhance TrustProxy to handle multiple chained proxies

    jonjensen committed Mar 31, 2011
    This can happen if, for example, you have a first proxy at
    which proxies to which then hits your web server that passes
    control to Interchange.
    If you visit from, Interchange will see this HTTP header:
    and the request will have the source IP address
    But if you set this in interchange.cfg:
    TrustProxy,    # order irrelevant
    then Interchange will see past the two trusted proxies and set its
    standard variable $CGI::remote_addr to, so that the customer's
    IP address gets used.
  2. @jonjensen

    Add new pragma cache_control to set HTTP Cache-Control response header

    jonjensen committed Mar 28, 2011
    Can be used in a page like this:
    [tag pragma cache_control]max-age=600[/tag]
    That will send this response header:
    Cache-Control: max-age=600
    Which will tell upstream proxies and browsers to cache the page for 10 minutes.
Commits on Mar 28, 2011
  1. @jonjensen

    Keep using URL session ID & counter in admin

    jonjensen committed Mar 28, 2011
    This provides maximum safety for browsers with cache problems such as
    old versions of Internet Explorer.
Commits on Jan 19, 2011
  1. @jonjensen

    Add new pragma url_no_session_id to suppress session IDs in generated…

    jonjensen committed Jan 18, 2011
    … URLs
    For any site that already requires cookies to function, you can add this
    pragma to the catalog:
        Pragma url_no_session_id
    To disable in a particular page or template file:
        [tag pragma no_image_rewrite 0][/tag]
    It ensures that Interchange-generated URLs won't include mv_session_id,
    id, or mv_pc URL query string parameters.
    This is mostly of interest for search engine optimization (SEO) purposes,
    but is also helpful for making more pages cacheable by a proxy, etc.
Commits on Dec 21, 2010
  1. @jonjensen

    Trust only the last hop before a trusted proxy, when multiples exist

    jonjensen committed Dec 21, 2010
    The original implementation here trusted that the X-Forwarded-For header
    was trustworthy, and when multiple intermediate proxies (or forgeries)
    were present, you could end up with an internal IP address on the remote
    network listed, or something entirely bogus.
    When multiple proxies are present, trust only the one that connected to
    our trusted proxy. Even though that doesn't get us to the "original" IP
    address, it's reliable and public, and the one we would've seen if we
    weren't using TrustProxy at all.
Commits on Aug 10, 2010
  1. @jonjensen

    Tolerate trailing space in US zip code in multizip profile check

    jonjensen committed Aug 10, 2010
    Patch by Josh Lavin of Perusion.
Commits on Jul 9, 2010
  1. @jonjensen

    Add new robot User-Agent

    jonjensen committed Jul 9, 2010
    Thanks to DB <> for submitting it.
Commits on Jul 6, 2010
  1. @jonjensen

    Allow image tag width and height attributes to override getsize

    jonjensen committed Jul 6, 2010
    Normally the attributes would be mutually exclusive and shouldn't affect
    compatibility, since people typically use width and height only when they
    don't want getsize, or allowing default getsize when they don't know
    width and height.
Commits on Jun 8, 2010
  1. @jonjensen

    Remove register link (RT #32)

    jonjensen committed May 26, 2010
Commits on May 25, 2010
  1. @jonjensen
  2. @jonjensen

    Prevent internal server errors caused by very long X-Track response h…

    jonjensen committed May 24, 2010
    Problem found & reported by Brian Miller <> here:
Commits on Apr 7, 2010
  1. @jonjensen

    Sync manifest

    jonjensen committed Apr 7, 2010
  2. @jonjensen

    Added path_only attribute to the [area] tag

    jonjensen committed Apr 7, 2010
    This returns the URL without the leading protocol.
    Written by David Christensen <> on 2008-12-30.
  3. @jonjensen
Commits on Mar 25, 2010
  1. @jonjensen

    Add numeric ordercheck

    jonjensen committed Mar 25, 2010
    Thanks to Ton Verhagen for making it happen.
Commits on Mar 20, 2010
  1. @jonjensen

    Sync manifest

    jonjensen committed Mar 20, 2010
Commits on Mar 18, 2010
  1. @jonjensen

    Update jEdit syntax highlighting mode

    jonjensen committed Mar 18, 2010
    By Justin Otten <>:
    It now handles perly tags much better and properly delegates html tags.
    It also can now recognize custom tags as well.
    I've also updated the list of known SystemTags and Pragmas.
    There is a also a small bug fix with the [comment] tag not being able
    to have attributes.
Commits on Mar 3, 2010
  1. @jonjensen

    Correct Tommi Labermo's name

    jonjensen committed Mar 3, 2010
Commits on Feb 19, 2010
  1. @jonjensen
Commits on Dec 12, 2009
  1. @jonjensen

    Avoid eval in Sys::Syslog::xlate() by using cached constants where po…

    jonjensen committed Dec 12, 2009
    This hack works around a bizarre problem in some versions of Sys::Syslog.
    I believe the bug this works around may no longer exist in the latest
    versions of Sys::Syslog shipped with Perl 5.10.1 and later, which use
Commits on Dec 9, 2009
  1. @jonjensen
  2. @jonjensen

    Add some more user-agents to the robots list

    jonjensen committed Dec 9, 2009
    A few of these include substring "bot", which is already covered,
    but I'm adding them explicitly so they'll still be there in case
    the very short "bot" ever causes trouble and is removed.
  3. @jonjensen

    Fix incorrect debugging message

    jonjensen committed Dec 9, 2009
    (Autoload comes after this comment, not before.)
Commits on Dec 3, 2009
  1. @jonjensen

    Add FullUrlIgnorePort directive

    jonjensen committed Dec 3, 2009
    This allows FullUrl to work with nonstandard ports, other than default
    http port 80.
Commits on Nov 27, 2009
  1. @jonjensen
Commits on Nov 17, 2009
  1. @jonjensen

    Give mv_max_matches (aka mm) some real teeth

    jonjensen committed Nov 16, 2009
    * Make mv_max_matches stop all further searching once the limit is hit,
    rather than loading the entire result set into memory and then truncating
    In my tests with a 700,000+ row products table, this is dramatically
    faster when limiting results to 1000, but surprisingly it adds little
    overhead even when still fetching the entire table.
    * Add pragma max_matches, which takes precedence over user-supplied
    mv_max_matches unless the user-supplied argument is more restrictive.
    Please note that e.g. [pragma max_matches 1000] on a search landing page
    will be processed too late to affect the search, because searches are
    done in an ActionMap that runs before the page is seen.
    You can use a catalog Pragma directive like this:
    Pragma max_matches=1000
    Which will affect everything in the catalog, including the admin.
    If you want to make exceptions to the mv_max_matches limit based on URL,
    you can instead use an Autoload that calls a GlobalSub, like this:
    GlobalSub <<EOR
    sub set_pragma_max_matches {
        $::Pragma->{max_matches} = 1000
            unless $Vend::FinalPath =~ m{^/admin/};
    Autoload set_pragma_max_matches
  2. @jonjensen
  3. @jonjensen

    Remove nonfunctional pragma that would break the admin if it did work

    jonjensen committed Nov 16, 2009
    [tag pragma no_image_rewrite 0][/tag]
    was setting $::Pragma->{no_image_rewrite0} which was of course never used,
    do to a misunderstanding of the [tag pragma] syntax.
    But fixing that bug actually breaks the admin because of this, so I'm
    removing it before the fix.
Commits on Nov 14, 2009
  1. @jonjensen
  2. @jonjensen

    Change log level 'auth' (which doesn't exist) to 'warning'

    jonjensen committed Nov 14, 2009
    'auth' is a facility, not a level.
    The erroneous 'auth' level setting was formerly a no-op because 'auth'
    wouldn't exist in a correctly-configured SysLog hash, but with the new
    logging code it actually passed through as intended and raised an error
    both in /usr/bin/logger and Sys::Syslog calls.
  3. @jonjensen

    Close syslog as late as possible in response cycle

    jonjensen committed Nov 14, 2009
    Moving Syslog::closelog call from close_cat() into connection() to try to
    come after more oddball late log events in the page processing.
    Also use explicit void returns to document that those two subs' return
    values are not important.
  4. @jonjensen

    Add new facility option to SysLog global directive

    jonjensen committed Nov 13, 2009
    This allows redirecting all syslog output to a new facility without
    manually having to specify the target of each level. For example,
    to send to facility local5 instead of the default local3:
    SysLog  facility  local5
  5. @jonjensen

    Remap deprecated syslog levels to modern equivalents

    jonjensen committed Nov 13, 2009
    The logger(1) command supported 3 deprecated syslog levels that syslog(3)
    does not. Map these internally to avoid syslog generating an error itself.
  6. @jonjensen
Something went wrong with that request. Please try again.