Versions Compared

Old Version 289

changes.mady.by.user Matthew Wagner

Saved on

compared with

New Version 290

changes.mady.by.user Matthew Wagner

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Expand
titleXperienCentral R31

XperienCentral R31

Release date: March 4, 2021


Note

Minimum Version Required for Upgrading to XperienCentral

R30.1

R31

Upgrading to XperienCentral R31 requires a minimum version of R26. If you are upgrading from XperienCentral R25 or lower, you must first upgrade to R26 and then upgrade to XperienCentral R31.


HTML
<br />

Default Content Language

  • A change has been made to how the default content language is determined. Beginning in XperienCentral R31, the default language is the language that has the rank of "1" in the list of supported languages in the Language Labels panel.
  • In XperienCentral versions R31 and higher, the default content language is set to Dutch.
  • After upgrading to XperienCentral R31, ensure that the default content language for your channel(s) in the edit environment is correct. See Setting the Default Content Language for XperienCentral.
  • In some cases, the new default language setting can have an effect on the default language of the home page on the website frontend. After upgrading, check the language used by your home page on the frontend by default.

New WYSIWYG Editor

In XperienCentral R31, a new WYSIWYG editor has been introduced. It generates HTML in a slightly different way than the old editor. The changes introduced by the new WYSIWYG editor are:

  • Heading tags (<h1>-<h6>) and <p> tags are no longer wrapped in a <div>.
  • <b> tags are replaced by <strong> tags.
  • <i> tags are replaced by <em> tags.
  • Indendation in lists is now rendered using nested lists instead of <blockquote/> elements.

After ugrading to XperienCentral R31, HTML already stored in existing elements remains unchanged. All new HTML produced after the upgrade will be generated in the new way. If you edit an existing WYSIWYG element, it will be upgraded after saving. In some cases, extra whitespace may be introduced between elements.

GX Software recommends that you check new or modified WYSIWYG elements after upgrading to R31 in order to determine whether you need to tweak your CSS to accommodate the behavior of the new WYSIWYG editor.

Connector Definition for AJP/1.3 Connections

In Tomcat versions 8.5.51, 9.0.31 and later, the connector definition in the server.xml file must contain the attribute secretRequired="false" for AJP/1.3 connections. Please check your server.xml file and ensure that the connector definition contains this attribute. For example:

<Connector port="8009" enableLookups="false" redirectPort="8443" debug="1" protocol="AJP/1.3" secretRequired="false" URIEncoding="UTF-8" connectionTimeout="600000" />

getPersonalizationXMLData

The getPersonalizationXMLData method in the PersonalizationXMLDataProvider API has been changed from

String getPersonalizationXMLData(HttpServletRequest request);

to

String getPersonalizationXMLData(HttpServletRequest request, HttpServletResponse response);

If you use this method, you must refactor your code to cope with the modification.

Delete Cache Before to Logging in to an XperienCentral R31 Installation Running Locally

Due to a change to internal JavaScript files in this release, GX Software strongly recommends that you delete your browser cache if you run a local installation of XperienCentral R31 before logging in for the first time. This does not apply to XperienCentral running on an Apache web server.




...

Expand
titleXperienCentral R30.1

XperienCentral R30.1

Release date: December 10, 2020


Note

Minimum Version Required for Upgrading to XperienCentral R30.1

Upgrading to XperienCentral R30.1 requires a minimum version of R26. If you are upgrading from XperienCentral R25 or lower, you must first upgrade to R26 and then upgrade to XperienCentral R30.1.


HTML
<br />

XSS Features

  • In XperienCentral R29.3, extended protections against XSS vulnerabilities have been introduced. A number of input fields in XperienCentral are now more rigorously validated against known XSS attacks. If the value of an input field is forbidden, the old value of the input field will remain unchanged and the upgrade is ignored. You can of course still allow this sort of input by adding it to a trusted list, however GX Software strongly recommends against doing so.
  • When input fields contain unsafe input before the upgrade, the content of these fields remains unchanged after the upgrade. If the content of one of these input fields is subsequently changed to other content considered unsafe, the updated content is ignored and the old (unsafe) content will remain.

External Application Support

  • The External Applications module has been removed from XperienCentral in version R29.3. Because that also removes the xslStyleSheetApplicationInclude.xml presentation, all references to this presentation should be manually removed from your project. For example, in the XperienCentral Community Edition plugin's xslStyleSheet.jspf file, the following line is removed:

     <wm:render presentationName="xslStyleSheetApplicationInclude" />

Uploaded File Handling

  • A new Apache rule should be added when upgrading to R30.1 in order to prevent uploaded files from being be opened inside the browser. Add the following rule to one of the configuration files included in the Apache httpd.conf file: 

         <Location ~ "(/upload|/upload_mm)">
        Header set Content-Disposition "attachment"
     </Location>

See also Linux Server Installation.

xss_allowlist_siteworks_expressions

The setting xss_allowlist_siteworks_expressions was added in this version in the application_settings section of the General tab of the Setup Tool. To avoid generating WARNING messages in the log, change the value of this setting to "wm_language_search.help" (without the quotes).




...