HessianProxyFactory has a setOverloadEnable(enable) flag. Overloading is disabled by default.
The CGI servlet has a new executable attribute to specify the program to execute the CGI script with.
Added unclean-shutdown flag to openssl configuration to handle issues with broken browsers.
The new Linux threading model still does not properly implement setuid for threaded programs. So <user-name> has been disabled for Linux. Linux uses should use iptables or an equivalent port mapper to avoid the need for running as root to bind to port 80.
A "current" value for ResinConfigServer uses gethostname for the proper connection.
Added forbidden, not-found, and gone.
<servlet servlet-name="directory" servlet-class="com.caucho.servlets.DirectoryServlet"> <init enable="false"/> </servlet>
The expansion directives (web-app-deploy) now allow an expand-cleanup-fileset to specify which files should be deleted on a new .war deploy.
<web-app-deploy path="webapps"> <expand-cleanup-fileset> <exclude>WEB-INF/data/**</exclude> </expand-cleanup-fileset> </web-app-deploy>
resin:set can now have a default attribute. For default, resin:set will only set the variable if it has no other value.
The CMP 2.1 cmp-field now has an optional auto-generate='false' attribute to handle the situation where '0' is an allowed primary key value.
Persistent store objects now respect the session timeout values. The no longer have longer timeouts when passivated. Previously, the session timeout only applied to memory-based objects.
Expansions (war, ear, host) can now specify which files, if any, should be cleaned up on a fresh expansion.
Special thanks to Nancy Deschenes and G Homicki of Objective Consulting, Inc for identifying numerous fixes to the CGIServlet.