v 0.1.3.3a October 17, 2008 ---------------- Bugfix: TightURL was failing to screen out forbidden extensions such as .exe All users should upgrade to restore this important functionality. Feature: It is possible, if not necessarily advisable, to activate Policy Ban URLs. ex: http://example.com/?ban=abc This will mark the TightURL http://example.com/abc as banned for violating your site's policy/Terms of Service. This feature is activated by setting $pbi in tighturl.config.inc.php and is intended only to allow administrators a fast and easy way to disable URLs in the database. This feature will be secured in a following release against misuse. v 0.1.3.3 September 13, 2008 ------------------ Change: A modification has been made to the URL resolver routine to increase PHP version compatibility. Change: Having discovered a new class of Internet abuse, a Pay-To-Click (PTC) blacklist has been added. Change: Missing blacklist handling is more robust in case any are compltely removed. Change: Upgraded to Bad Behavior 2.0.23, which still generates one warning corrected in the version distributed with TightURL. v 0.1.3.2 July 26, 2008 --------------- Bugfix: Some incorrect information in UPGRADING that referred to some work in progress on the upcoming major release has been removed and replaced with the correct information. Change: A modification has been made to the URI blacklist lookups to try and work around DNS setups that deliberately falsify returned information when the true response is NXDOMAIN. v 0.1.3.1 July 24, 2008 --------------- Bugfix: Some late night last minute packaging errors resulted in an error in the default local blacklist file. This has been corrected. Bugfix: Another slip-up due to the late hour, the installer script creates a database which begins issuing redirection URLs in the ten-thousands instead of zero. This has been corrected. v 0.1.3 July 24, 2008 --------------- Feature: Optional full Bad Behavior integration into TightURL front-end! http://www.bad-behavior.ioerror.us/ Feature: Option to require submitted URLs to exist. Feature: Resolves all submitted HTTP URLs to the end up to 10 redirects. Bugfix: Strip tags embedded within tags in tighturl.tmpl . Feature: New templates for blacklisted URLs, URLs that violate site policy, URLs disabled due to complaints, Greylisted URLs, and previews. Feature: tighturl-install.php preliminary web-based installer and upgrade script. Presently allows for either the initial creation of the tables TightURL uses, or upgrades an existing 0.1.2 or earlier database to the current schema. Feature: tighturl-killbot shell script partly developed to cut off service to abused URLs. An attempt will be made to piggyback maintenance tasks on top of service requests. Feature: TightURL now updates the fields status, lasthit, hits, adddate, addip. These fields were added as necessary for the anti-abuse system. There is no intent to add an ability to view this data for its own sake, however it may later be displayed as part the anti-abuse information in previews. Feature: Updatable urlpatterns, two-level domains pattern, redirector patterns. rejecting URIs of other known redirectors. Feature: Blacklist domains to refuse to create TightURLs for. Feature: TightURL does not accept links to itself; TightURL allows an domain alias to be configured for this purpose. Both the main site and the alias will be recognized with or without a preceeding "www." . Feature: Attempt to stop use of TightURL as an obfuscation service by linking to other redirectors. Feature: TightURL no longer accepts URLs it can't shorten. Change: TightURL now returns 301 redirects instead of 302 Feature: Blacklist Windows executables and other file extensions. Change: TightURL no longer contains any OS-specific code, thus Windows support should be transparent now. Reports about TightURL working or not under Windows, BSD, or OS X would be appreciated. Change: Replaced chkdnsrr with gethostbyname, which should work on non-Unix operating systems without a replacement function. Bugfix: URIBL check was slow and worse did not work. Now works and not slow. BugFix: TightURL now accepts the nasty URLs Yahoo uses. Bugfix: Was truncating URLs longer than 256 characters. New limit on URLs is 2083 characters Bugfix: Inconsistency between config.inc.php and tighturl.sql (closes SF bug 1161870) Bugfix: Fix PHP warnings for defined constants. (closes SF bug 1161874) v 0.1.2 December 3, 2004 ---------------- Bugfix: @ was not considered valid in URLs and should be. Bugfix: Local text about running an experimental service removed from main template. Bugfix: Main template link to TightURL changed from /sourcecode to /project. Feature: Reserved IDs, and Regexes moved into tighturl.config.inc.php Feature: sample config file and sample templates moved to ./local directory Feature: Supports validation of IPv6 URLs. (not supported for URIBL lookups) v 0.1.1 December 2, 2004 ---------------- Bugfix: Bad tighturl.sql file fixed Bugfix: Empty database issue fixed. v 0.1 December 2, 2004 ---------------- Initial Alpha release.