FarCry Core 7.2.10 has been released.
This release contains S3 CDN bug fixes including AWS4 signature support, some performance improvements, better 404 handling for some requests, and a number of security enhancements.
Bug
- [FC-1934] - Friendly URL autodetect (pingFU) sometimes fails on initialisation
- [FC-3107] - ACF error when getting a list of scheduled task jobs
- [FC-3108] - Show 404 for downloads when invalid typename is used
- [FC-3111] - Library picker pagination has incorrect formAction URL
- [FC-3113] - Editing a friendly URL in "Manage Friendly URLs" throws an error
- [FC-3114] - Only set ACL on S3 if there are ACLs to apply
- [FC-3116] - autoSetLabel fails if webskin permission is denied to displayLabel
- [FC-3118] - objectBroker removeWebskin() returning a null
- [FC-3135] - application.fc.lib.error.showErrorPage() throws error if a farcry type that no longer exists
- [FC-3139] - Redirects to correct URL case cause infinite redirects
- [FC-3159] - Changing the Navigation alias for Home breaks the entire site
New Feature
- [FC-3142] - enable ftLibraryData & ftLibraryDataTypename for typeahead formtool
Improvement
- [FC-3112] - Improve login performance
- [FC-3117] - Sanitize filenames with lowercase characters to avoid case sensitivity issues across systems
- [FC-3141] - Add endpoints for healthcheck readiness and liveness probes
- [FC-3145] - S3 lib - add S3 path to struct returned by ioGetFileLocation()
- [FC-3146] - show a 404 for non-webtop requests inside core
- [FC-3147] - Update S3 CDN to use AWS4 signing
- [FC-3148] - sanitize sort column and direction in objectadmin
- [FC-3150] - sanitize git/svn client paths
- [FC-3151] - validate state and country data in formtools
- [FC-3152] - remove ActivateURL method from email and URL formtools
- [FC-3153] - encode HTML output in formtools "display" methods
- [FC-3154] - authenticate() test for locked/disabled accounts regardless of password match
- [FC-3155] - rotate and invalidate sessions on login/logout
- [FC-3156] - return the same message for forgot username/password regardless of match to prevent enumeration
- [FC-3158] - remove obsolete scaffolds
Download
Releases available for download from the website:
http://www.farcrycore.org/downloads
Or available direct from GitHub:
