XSLWeb release v4.0.1

Since v3.0.1:

• Several bug fixes.
• Upgrade to Saxon version 10.5, the version that is now recommended by Saxonica as the most stable and reliable release for production use.
• The XSLWeb build profiles for Saxon PE and Saxon EE now download the Saxon jars from Saxonica's Maven repository; no more need to install them in your local Maven repository (see [Support for Saxon PE (Professional) and EE (Enterprise Edition)].(https://armatiek.github.io/xslweb/XSLWeb%20Developer%20Manual.html#support-for-saxon-pe-professional-and-ee-enterprise-edition))
• Serving of static files (StaticResourceFilter, ResourceSerializer) is now handled by a new FileServlet (based on org.omnifaces.servlet.FileServlet) with more extensive support for ETag, If-None-Match and If-Modified-Since caching requests and Range and If-Range ranging requests ("byte serving").
• Added documentation about events and cross site scripting prevention.
• The request XML document is now also passed as stylesheet parameter $req:request-xml-doc to all pipeline transformation steps (see Stylesheet Parameters)
• Added a new XPath extension function transform().
• FIX: The EXPath extension function "file:resolve-path()" now returns absolute paths "as-is" (breaking change).
• Added new logging XPath extension functions debug(), warn(), error(), info(), trace().
• Initial release of the "XSLWeb Debugger" (experimental!).
• Added XPath extension function: parse-html($html as xs:string) as document-node().
• Added functionality to prevent XSS (Cross Site Scripting) attacks (still experimental).
• Added new optional parameter $handle-quoting to extension function external:exec-external().
• Nodes that are stored using the context, session and webapp's set-attribute() extension functions are now no longer copied to a new tiny tree but are stored "as is". Note that this is a breaking change because the node that is returned using the get-attribute() functions is not necessarily a document node, but now can be an element, attribute or other node type.
• The EXPath extension function: file:move() incorrectly throwed execption when the target file already existed. Now works conform specs.
• Ready-to-run distributions are now available for Linux, macOS and Windows 64-bits platforms, containing a Jetty Application Server, OpenJDK 13 and startup scripts. The .war distribution is still available; the tomcat-7-runner "uber-jar" distribution has been removed.
• The former "XSLWeb Quick Start Guide" in PDF format has been converted and extended to the "XSLWeb Developer Manual" in HTML format (using Asciidoctor). The Developer Manual is available through Github Pages.
• The EXPath HTTP Client implementation has been completely rewritten and is now a native XSLWeb implementation (based on the OkHttp library)  .
• XSLWeb's Security is vastly improved and is now based on the Apache Shiro security framework. Apache Shiro is a powerful, easy-to-use and "battle-tested" Java security framework that performs authentication (Basic, Token based, LDAP, JDBC, ActiveDirectory, etc), authorization (subject/role/permission based), cryptography, and session management. The functionality of Apache Shiro is available within XSLWeb through a library of XPath extension functions.
• Dynamic (scripted) extension functions. XSLWeb now offers a completely new way of writing XPath extension functions in Java within the XSLT stylesheet.
• A Cache busting mechanism was added.
• WebDAV support: all webapp's resources (XSLT stylesheets, CSS stylesheets, Javascripts, images) are now available through WebDAV.
• Dependency library upgrades:
  • The Saxon XSLT and XQuery Processor library is upgraded to the version 10.5. This means (among other things) that higher order functions and the xsl:evaluate instruction are available in the Saxon-HE (Open Source) version.
  • The Saxon-JS integration now implements version 2.
  • The Apache Commons Upload, Text, IO, Lang, Collections, E-mail, Exec libraries are all upgraded to their latest versions.
  • The Quartz Scheduler framework is upgraded to version 2.3.2.
  • The Apache FOP (Formatting Objects Processor) is upgraded to version 2.5
  • The c3p0 connection pooling library is upgraded to version 0.9.5.5.

Binaries:

• https://armatiek.nl/downloads/xslweb/xslweb-ready-to-run-v4.0.1-linux-x64.tar.gz (for Linux 64-bits machines)
• https://armatiek.nl/downloads/xslweb/xslweb-ready-to-run-v4.0.1-osx-x64.tar.gz (for macOS 64-bits machines)
• https://armatiek.nl/downloads/xslweb/xslweb-ready-to-run-v4.0.1-windows-x64.zip (for Windows 64-bits machines)
• https://armatiek.nl/downloads/xslweb/xslweb-war-v4.0.1.tar.gz (Linux/macOS)
• https://armatiek.nl/downloads/xslweb/xslweb-war-v4.0.1.zip (Windows)