Supported (but not tested enough) "Location" and "Status" CGI script output directives. Your feedback would be appreciated.
Supported CGI command line options, mostly used for ISINDEX query.
Changed the algorithm of determining requester's host name. Now the address resolved back an forward to produce a true picture.
Fixed some minor bugs with launching CGI scripts and tested with ActivePerl by ActiveState.
Introduced a resetter thread that shuts down the sockets that are completely inactive for 5 minutes.
Duplicate binds are now reported.
It is now possible to bind the daemon to specified port (secong command line parameter) and specified address (third commandline parameter).
Now supports more CGI environment variables.
0.6 (17 December 1997)
Fixed a bug with pointer access violation after calling gethostbyname().
0.7 (21 December 1997)
TinySSL gets available.
0.7/SSL (2 May 1998)
TinySSL uses SSLeay DLLs v0.9.0.
0.9 (18 May 1998)
Fixed a bug that added extra CR/LF after CGI output.
"GMT" abbreviation was not added after "Date:" and "Last-Modified:".
Added "If-Modified-Since" support to be proxy-friendly and mirroring-friendly.
Quick Tip: Don't cruise the cyberspace alone; go with a group! Use a caching proxy server.
Fixed environment processing (thanks to Koos Lodewijkx)
TinySSL uses SSLeay DLLs v0.9.0a. You should upgrade from previous version to avoid PKCS#1 padding attack.
Now compiles with Delphi 2.0-4.0
Fixed "CGI Script Returned Nothing" bug while trying to invoke non-existent .EXE application using CGI (thanks to Rainer W. Gerling).
CGI applications are now executing with SW_HIDE instead of DETACHED_PROCESS. It allows to run .EXE application from perl scripts. See helloexe.pl example inside TinyWeb package (thanks to Ada Neznamov).
Added WaitForInputIdle() call to prevent from running GUI applications as CGI.
1.6 (21 January 1999)
Fixed problems with executing CGI, when script name or executable name contained space characters (thanks to Nick McDaniel).
TinySSL is shipped again with 0.8.1 SSLeay DLLs as testing has shown them as most stable, though they were vulnerable to PKCS#1 padding attack. See www.openssl.org for the developed versions of SSLeay library.
1.8 (14 January 2000)
Improved TCollector.Collect routine, it's now 100 times (or even more) faster.
Martin Lafferty made a provision to run DOS CGI under WinNT
1.94 (06 April 2017)
Added an additional check that the requested file name is safe (see LocalFNameSafe and FileIsRegular): that the file is a normal file rather than a device name, that the file is kept in a directory that does not have hidden or system attribute.
When the sever wants to close the connection due to an error and the client did send the "Connection: Keep-Alive request" header, some clients thought that the connection should continue despite the server didn't send the "Connection: Keep-Alive" response header. Now, in these cases, the server explicitly send the "Connection: Close" response header.