~psiphon-inc/psiphon/trunk

-------------------------
Psiphon CHANGES
-------------------------

Version 2.3
-----------

* Initial open source release

Version 2.4
-----------

* Clarified installation documentation to describe the workflow that should be used now that IP address validation is enabled.  It is now necessary to connect locally to localhost first, then configure proxies for each host that will directly connect, and finally configure the VirtualHost in httpd.conf
* Changed the default processing workflow: added an array of parsers to check against for post-parser processing, and added a sniff_BOM() function for charset encoding detection when encoding info is not present in headers and meta tags
* Changed some xml2enc option names to be more intuitive, added js MIME type for xml2enc processing
* Added jsf_interoplate_vars function that expands constructs like ${var} in the replacement string to the value of 'var', where 'var' is the name of a server environment variable
* Split $record_user['proxy'] into $record_user['current_proxy'] and $record_user['assigned_proxy']. Cleaned up login-time checks
* Removed default argument to echo_proxy_combo, as it was causing bugs (and updated usages). 
* Created helper to cast (POST/GET) string to int. (And used it.)
* In users.php, cleaned up proxy validation and default selection code.
* Made users.php a little more readable.
* Fixed some bugs introduced by splitting 'proxy' into 'current' and 'assigned'
* Fix for 'mailto:' URIs
* Changed the in-proxy verification method. It is done by hostname now, not by IP 
* Added new youtube regex rules
* Custom per proxy login URLs implemented
* Ubuntu easy install script 

Version 2.5
-----------

https://bugs.launchpad.net/psiphon/+bugs?field.tag=category1
https://launchpad.net/psiphon/+milestone/2.5

* Added Propagator Class and removed Node Admin/Node Host.  Propagator is associated with multiple proxies and manages Power Users on all associated proxies.  
** Managing Power Users consists of viewing the list of Power Users, including their invite stats; inviting new Power Users; and assigning Power Users to proxies within the set the Propagator manages. 
** Also, when the Admin transitions users, if a Power User is transitioned to a new proxy, his managing Propagators are automatically granted access to the new proxy.

495628 The ability to associate user classes with subsets of nodes will make the Node Host user class redundant with Node Admins 

* URL encryption is removed.  It's no longer necessary as all in-proxies are fully controlled VPS instances: we can ensure that URLs are not logged.  Removing URL encryption has some side benefits, enumerated below.

457474 URL encryption breaks caching
457433 Display plaintext URL in status bar when hover over links
457417 Session expiry in middle of browsing causes 404

* A user can create a new account using a previously registered email address.  This enables a form of recovery: an email can be recycled from an abandoned account.  The new account is not associated with the old account and no other data is transferred or recovered.  The old account remains active, but with no email address associated with it.

552603 Allow recovery of email address from lost account
457345 Determine policy regarding account-deletion (and freeing up email addresses)
551906 The rate-limiting mechanism on 'invalid' email-registration requests locks out users for one hour

* Real email queue.  Instead of writing emails to a database table which is processed by a cron job, emails are sent directly to an email queue daemon.

495598 Delay before sending (first) invitation email is too long
496720 Real email queue

* "Mobile" content delivery.  A rule set determines whether a custom user agent is presented to content sites based on domain/URL.  This allows us to present, for example, the mobile user agent "Mozilla/4.0 (U; PalmOS)" for the YouTube upload page.  The rule set configuration is similar to the "JSF" rules.  Each rule can have a different user agent.  Rules apply by longest matching URL.

457400 General mechanism for redirecting to "mobile" or "Basic HTML" sites where necessary

* Added a Reporter user class to allow access to the report screens only.

581890 Create Reporter/Auditor user class

* Guest browsing management screen usability enhancements.

524642 Guest browsing: Indicate newly created link
524644 Guest browsing: Sort list of links

* Password reset is now a link to a separate form instead of a checkbox in the normal login form.

457371 Improve password reset (new: security concerns here)

* Replaced language combo with language bar on all screens.  Login page language selection now takes immediate effect.

457468 Login page language issues

* Other bug fixes

457405 Bookmarks should add omitted "http://" automatically
457412 Display processing_errors in edit form in users.php
497506 users.php: Edit user: If current user does not have full_account permission, initial focus is incorrect
513861 "Browse" link on email address verify-success screen doesn't work when logged in
561827 Arabic translation has some broken right-to-left text
562405 Pages without proper right-to-left direction style

Version 2.6
-----------

* Integrated PsiphonX

* Resizing blue bar for mobile browsers

* Site compatibility (see /www/site-compat for sites)

* Change the /001/ browsing prefix to /b/

* user creation is broken

* Use proper 30x HTTP codes when doing redirects

* Link for password reset

* Display user class on the profile screen

* Default homepage for invites

* "stay logged in" option

* Propagator proxy notes

* Mobile mode notification and exit link

* Delete account information for unused accounts

* Users screen: add sorting and filtering

* Invite screens and email should indicate expiry of invitations

* Allow users to delete own account

* Allow recovery of email address from lost account

* Non-standard <image> tag is not rewritten

* Use a custom user agent to direct users to the mobile twitter site

* General mechanism for redirecting to "mobile" or "Basic HTML" sites where necessary

* Should password field(s) come before email in account-creation form?

* Proxy-in hostname appears in the Referer header

* Custom javascript injection

* DB schema updates history table added 

* db_update.sh script added to tools