[Catalyst] Static::Simple 0.09 - security fix
Andy Grundman
andy at hybridized.org
Sat Oct 8 00:04:42 CEST 2005
Static::Simple 0.09 has just been released. This version fixes a
potential security hole where someone could download raw template files
if they know the correct file name. By default, it will now ignore all
files with extensions of tt, html, and xhtml. From the docs:
Ignoring certain types of files

There are some file types you may not wish to serve as static files.
Most important in this category are your raw template files. By default,
files with the extensions tt, html, and xhtml will be ignored by
Static::Simple in the interest of security. If you wish to define your
own extensions to ignore, use the ignore_extensions option:

    MyApp->config->{static}->{ignore_extensions} = [ qw/tt html xhtml/ ];

Ignoring entire directories

To prevent an entire directory from being served statically, you can use
the ignore_dirs option. This option contains a list of relative
directory paths to ignore. If using include_path, the path will be
checked against every included path.

    MyApp->config->{static}->{ignore_dirs} = [ qw/tmpl css/ ];

For example, if combined with the above include_path setting, this
ignore_dirs value will ignore the following directories if they exist:

    /path/to/overlay/tmpl
    /path/to/overlay/css
    /dynamic/path/tmpl
    /dynamic/path/css
    /your/app/home/root/tmpl
    /your/app/home/root/css
-Andy
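As an added illustration, not code from Static::Simple itself, here is the order of checks the two options imply, written as a stand-alone Perl script: the `should_serve` function, the in-memory `%EXISTS` file table and the sample request paths are constructed for this example, while the config keys and the include_path/ignore_dirs values follow the announcement above.

```perl
#!/usr/bin/env perl
# Constructed illustration of the decision a static-file handler must make
# before serving a request; not the plugin's own code.
use strict;
use warnings;
use File::Spec;

my %config = (
    include_path      => [ '/path/to/overlay', '/your/app/home/root' ],
    ignore_extensions => [ qw/tt html xhtml/ ],
    ignore_dirs       => [ qw/tmpl css/ ],
);

# Constructed stand-in for the filesystem so the script runs offline.
my %EXISTS = map { $_ => 1 } (
    '/path/to/overlay/tmpl/index.tt',
    '/path/to/overlay/css/site.css',
    '/your/app/home/root/images/raw.html',
    '/your/app/home/root/images/logo.png',
);

# Returns the absolute file to serve, or undef when the request must fall
# through to the application instead of being served as a static file.
sub should_serve {
    my ( $req_path, $cfg ) = @_;
    ( my $rel = $req_path ) =~ s{^/+}{};    # relative to each include path

    # 1. extension check: raw templates are never handed out this way
    #    (this illustration compares extensions case-insensitively)
    if ( my ($ext) = $rel =~ /\.([^.\/]+)\z/ ) {
        return undef if grep { lc($ext) eq lc($_) } @{ $cfg->{ignore_extensions} };
    }

    # 2. directory check: ignore_dirs entries are relative, so one test on the
    #    relative path covers every include path at once
    for my $dir ( @{ $cfg->{ignore_dirs} } ) {
        return undef if $rel eq $dir || index( $rel, "$dir/" ) == 0;
    }

    # 3. first include path that actually holds the file wins
    for my $base ( @{ $cfg->{include_path} } ) {
        my $full = File::Spec->catfile( $base, $rel );
        return $full if $EXISTS{$full};
    }
    return undef;
}

for my $p ( '/tmpl/index.tt', '/css/site.css', '/images/raw.html', '/images/logo.png' ) {
    my $served = should_serve( $p, \%config );
    printf "%-18s => %s\n", $p, defined $served ? "serve $served" : 'refuse (fall through to app)';
}
```

Only `/images/logo.png` is served; the `.tt` and `.html` files are refused by the extension check regardless of directory, and `/css/site.css` by the directory check even though the file exists under an include path.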