Snoopy / News: Recent posts

A security vulnerability was fixed in the latest 1.2.4 version of Snoopy. It was possible to send shell commands through https url fetches that are not properly sanitized by the PHP program using Snoopy.

- fixed potential security issue with unchecked variables being passed to exec (for https with curl) (gene_wood)
- fixed BUG # 1086830 : submitlinks,fetchlinks and submittext expandlinks with the URI of the original page not the refreshed page (gene_wood)
- fixed BUG # 1077870 : Snoopy can't deal with multiple spaces in a refresh tag (gene_wood)
- fixed BUG # 864047 : Root relative links are treated as relative (gene_wood)
- fixed BUG # 1097134 : Undefined URI_PARTS["path"] generates Notice (gene_wood)

This release is primarily bug fixes:

- fixed BUG # 1014823 : Meta redirect regex inaccurate (gene_wood)
- fixed BUG # 999079 : Trailing slashes not removed in uri passed to fetchlinks (gene_wood)
- fixed BUG # 642958 and 912060 : $URI_PARTS["query"] causing undefined variable notices (gene_wood)
- fixed BUG # 626849 : cURL security risk (Tajh Leitso, gene_wood)
- fixed BUG # 626849 : Corrects the redirect function under the submit functions (Tajh Leitso, gene_wood)
- fixed BUG # 912060 : Undefined variable: postdata (gene_wood)
- fixed BUG # 858526 : win32 tmp/$headerfile create error (gene_wood)
- fixed BUG # 929682 : Called undefined function is_executable() on line 194. (gene_wood)
- fixed BUG # 859711 : typo: http://snoopy.sourceforge.com (gene_wood)
- fixed BUG # 852993 : double urlencoding breaks redirect (gene_wood)
- added proxy user/pass support (Robert Zwink, Monte)
- fixed post data array problem (stefan, Monte)

fixed a few bugs, and one that was introduced with newer versions of PHP.

Snoopy supports SSL via the cURL package.
Also added the ability to strip form elements from web pages.
A few misc bug fixes as well.

A redirect bug fix, added cookie passing on redirects, and added support for following framed content.

Snoopy now has a home on SourceForge. It is a PHP class for simulating webclient - it can fetch webpages and submit form data. Testers are wanted as well as people interested in further developing the functionality.