...
Expand | ||||||
---|---|---|---|---|---|---|
| ||||||
XperienCentral R39Release date: April 3, 2023
Check Configuration FilesSee Check Configuration Files. Filename ChangesThe following files have been modified in this version of XperienCentral. If you have custom code that references the following files by name, you must modify your code to pick up these changes.
Angular and CSS StylingBeginning in XperienCentral R39.0, GX Software recommends that you prevent Angular panels from rendering inline CSS styling. You should configure your Content Security Policy to block this. In Angular version 12, the so called "critical CSS" is rendered inline by default. This can be changed easily by setting the Java Min/Max VersionIn XperienCentral R39, Java 17 is the minimum and maximum supported version. Password RequirementsThe password strength requirements have been modified in XperienCentral R39. A password must now contain 12 or more characters. While existing passwords will still work after upgrading to R39, GX Software recommends that you encourage your users to change their password after upgrading. Remove the XML Parser PluginAfter upgrading to XperienCentral R39, you should manually remove the "GX WebManager - XML Parser" plugin to avoid errors in the log. See Plugins Management Console. The wmedit: button tagThe wmedit:button tag in JSp's now has a required id attribute. Any custom functionality that uses this tag should be updated to provide a unique id value. Content Security Policy configurationA Content Security Policy is used to let the user’s browser know from which location resources, like Javascript or CSS, can be loaded. XperienCentral now supports configuration of a CSP within XperienCentral itself. Configuration takes places via the Content Security Configuration panel, found in the main menu under Application Tools. Disabling the Content Security Policy FilterThe filter that adds both the CSP header and the nonces (if applicable) can be bypassed when starting XperienCentral. This can be used if the CSP is configured on Apache HTTPD for example or when you are accidentally locked out of XperienCentral due to a CSP misconfiguration. For more information on Content Security Policy configuration see https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
|
...