Release Notes: Support for client-side caching was added. Mime-type-determined parsing was enhanced to skip binary files. Limited support for Web Sockets mode was added. A new "Stream Mode" was added to fix problems when downloading files which exceed PHP's MEMORY_LIMIT. This release fixes some problems with the cookie manager.
Release Notes: This version adds a cookie manager accessible through about:cookies. It also improves support for cookies and expiry times. Some old code has been removed, and the page encryption setting has been moved into the conf file. This version introduces 3 'REFERER' modes: pseudo, disable, and auto.
Release Notes: This release fixes a bug in the URL parser when dealing with URLs with escaped ampersands (SF#3419799). It fixes a typo in the http request module which affected parsing of Content-Disposition headers and several index undefined errors when running in strict mode PHP.
Release Notes: This release fixes a serious loophole in the encryption module of sending the address unencrypted alongside encrypted addresses. It raises the upper bound of the random encryption key generator from 10 to 255. It fixes a bug in the URL parser on special conditions where there is no path in the relative URL.
Release Notes: The URL parser was rewritten, solving parsing of valid URL shortenings. The parser was modified to prevent returning blank pages if the requested page has over 100k characters in embedded JS or CSS. An error of incorrectly determining form type (POST or GET) was fixed.
Release Notes: A problem with jumping out of SSL on HTTPS hosted platforms was fixed. Incorrect parsing of some GET forms was fixed. A vulnerability regarding HTML injections in the URL field on incorrect requests was fixed. The (non-RFC) "refresh:" HTTP header is now respected. New encryption salt is used.
Release Notes: A serious parser bug with incorrect REGEX turning a majority of POST forms into GET forms was fixed. All users on v4.24 and above should update their servers.
Release Notes: A problem in which the URL parser caused major errors in the last version was fixed. The parser was updated to omit tags that begin with "<!" (namely "<!--" and "<![CDATA["). @import tags are now parsed in CSS blocks with "" or '' wrapping URLs.