2010.08.05: Security fix and EM overhaul
2010-08-05The 2010.08.05 release comes with a patched config file. With shell code in hyperlinks on a page, one of the sample (uzbl-core) resp. default (uzbl-browser) button bindings (binding for mousebutton2) would execute this code. This commit fixes that issue. Note that just upgrading your uzbl is not enough. If you have an existing config, the change will not be automatically applied. So be sure you have this change in your config. Thanks Pawel Zuzelski and 'Chuzz' for spotting this. ticket 240 has more info
This release also comes with improvements to the formfiller, and a refactoring of the EM and EM plugins. See the commit for details. I believe the most interesting one is the introduction of hooks for EM plugins. Due to this refactoring, some stuff in the config has changed. You will need to merge these changes from the default/sample config into yours.
There is a whole bunch of further pending contributions, but I'm a bit short on time lately. Stay tuned.
Dieter