Verj.io Version 5.11.0
Introduction
Welcome to Verj.io V5.11.0.
Click here to read the
installation and upgrade instructions.
Functional changes in V5.11.0
1. Gateway Tunnels.
Configured in the Verj.io
Gateway, Gateway Tunnels allow remote Verj.io Applications running on
trusted Verj.io On-Premises environments and Verj.io Service Plans access to
databases and services that would otherwise be inaccessible outside of the
Gateway’s private network.
Gateway Tunnels work with any TCP/IP application or
service that can be accessed by specifying a hostname and port number,
including: Databases, Email, LDAP, HTTP(s), REST, SOAP and FTP services.
2. Upgrade to tomcat 9.0.63
that fixes:
CVE-2022-29885
– Tomcat documentation fix for the EncryptInterceptor that incorrectly stated
it enabled Tomcat clustering to run over an untrusted network. This was
incorrect and has been resolved in this release.
Bugs
fixed in V5.11.0
|
Number |
Description |
|
336522 |
Server side
validation event not triggered when date is selected using popup window. |
|
336580 |
Creating a new
Presentation Template should enable CSP as default. |
|
336581 |
Server Admin:
Clicking the Data Source information button for a Database connection throws
an error or does not show any information. |
Functional changes in V5.10.2
This release includes an upgrade
to Tomcat to version 9.0.55 and various bug fixes.
- Upgrade to Tomcat 9.0.55 that fixes to important security fixes:
- The bug fix to the Denial
of Service introduced a memory leak. This is fixed in version 9.0.54.
- Request
Smuggling issue where Tomcat did not correctly parse the HTTP
transfer encoding request header in some circumstances leading to the
possibility of request smuggling used in a reverse proxy.
- Replaced logging API Log4J
1.2 with Log4J 2.17.1.
This update will enable customers to customize their logging with all the
latest security vulnerabilities addressed in Log4J2.
The
log4J2.xml configuration file will be automatically copied post upgrade after
the server is has restarted. If not changes were applied to the log4J.xml file,
then the following note can be ignored.
Log4J2 Migration Note
If you
have configured your own logging appenders or any other configuration (for
example JDBC Appender or JMS Appender configuration) to the log4j.xml file:
/UserData/Server/apps/ebase/ebaseConf/log4J.xml
These
changes will need to be applied to the log4j2.xml configuration file as shown
below. Please reference the Log4J2
Migration guide for the appropriate Log4J2 syntax:
/UserData/Server/apps/ebase/ebaseConf/log4j2.xml
Bugs
fixed in V5.10.2
|
Number |
Description |
|
336520 |
Setting a breakpoint
on a Web Resource JavaScript file and clicking the debug icon locks/crashes the
Studio. |
|
336521 |
Error Script
setField: Invalid fieldname mycontrolfield.displayonly in command >SET
mycontrolfield.displayonly = true when setting control property from FPL. |
|
336522 |
Server side validation event not triggered when the date is selected using the popup window. |
|
336523 |
Incorrect path to
Server Resources folder in PWA manifest. |
|
336542 |
Deploy and Run on server does not run the form after the deployment has completed. |
|
336573 |
WebServiceResource doubles the WSSecurity headers when more than one header is added to the SOAP request |
Bugs
fixed in V5.10.1
|
Number |
Description |
|
336506 |
Some operating systems resolve the mime-type for JavaScript files incorrectly when using the prefix $ws. This prevents the browser loading the client script web resource. |
|
336508 |
Public RESTFul Web Service cannot resolve the endpoint if it contains both Path and URL parameters. |
|
336509 |
Losing concatenated properties in object return values from executeFunction. The value is returned as {"empty": false} |
|
336510 |
Using the Workflow API worlkflow.getFilteredJobs() throws an exception when using a POSTGRES database for the UFSRepository. |
|
336511 |
Running an event script in a part page component causes an error when testing the component by pressing the Test Part Page Component from the studio. |
|
336512 |
Search Files does
not find all the JQuery events bound to a control in the Studio. |
Functional changes in V5.10.0
This release includes support for configuring Content
Security Policy (CSP) headers, a new set of file upload controls, and
permissions configuration for web resources.
1.
The
Content
Security Policy (CSP) header can now be enabled and edited in Form
Properties and the Form Property Defaults section of a Presentation Template.
CSP provides an additional layer of security that helps to detect and mitigate certain
types of attacks, including Cross-Site Scripting (XSS) and data injection
attacks. These attacks are used for everything from data theft to site
defacement to distribute malware. CSP support is disabled by default and
can be activated in Form Properties or the Presentation Template.
The output from all Verj.io controls, layouts and
presentation templates is CSP compliant by default. However, developers should
be aware that the configuration of inline CSS and inline Javascript can cause
CSP violations which will prevent a page being displayed.
2.
Several
new File Upload
controls have been added and these provide an alternative to the existing
file upload mechanism using the form.uploadFileFromBrowser() functions.
The new controls provide better customisation and more functionality with
events and API methods, to
make it easier to create a seamless user experience.
3. A new Web
Resource Access section has been added to the Server Admin App which
provides an interface to define a set of permissions required to access Web
Resources. This allows more nuanced control over access to files within a web
application, utilising existing security permissions.
4. The
Verj.io Studio now allows the developer to customize their own Controls
Palette. The Custom Palette allows the developer to organize their most
used controls into a tree structure for convenience and efficiency.
5. The
authentication, authorization and general error pages have been changed to .JSP
files. They will automatically replace the previous .HTM files when upgrading
to 5.10 unless the web.xml file has been modified locally, in which case the
web.xml will need to be manually changed in order to point at the new files.
6. The
HttpHeaderSecurityFilter provides protection against XSS and some other
attacks. This is included into the web.xml supplied with the product. The
filter is not enabled as default, but should be configured for your environment
if your server is exposed directly to the internet. See here
for more information.
7. Security
Fixes:
·
Verj.io Server JQuery version
updated to v3.5.1 which includes fixes to XSS vulnerabilities. Click here
for more details.
·
Http Cookie security
updates when using server scripting client.addCookie():
·
If the connection is secure
(HTTPS), the cookie is automatically set to Secure.
The cookie value is only sent over a secure connection.
·
The cookie attribute HttpOnly
is automatically added to the cookie. This attribute prevents XSS attacks by
preventing scripting API’s from accessing the cookie value. This attribute can
be overridden and switched off in the Server Admin App (Server Properties ->
General Properties).
·
The LDAP protocol using
LDAPServices defaults to using LDAPS unless otherwise specified in the Server
Admin App (Server Properties -> Security Properties).
8. Verj.io
Studio memory and performance fixes.
9. And
many other bug fixes and enhancements
Bugs
fixed in V5.10.0
|
Number |
Description |
|
335417 |
Text Controls lose
their "Contains HTML" setting - only seems to effect controls that
have no content (set programmatically). |
|
335890 |
CornerImage and
ErrorPage sevlets wont work with the HTTP header X-Content-Type-Options:
"nosniff". |
|
335901 |
Upload document does
not work after the upgrade. |
|
336104 |
Error checking or
releasing a workflow process with escalators. |
|
336152 |
Problems styling background colour of form header text after upgrade to V5.4. |
|
336344 |
Error in CSS file
causes an infinite loop in the studio and studio locks up. |
|
336346 |
Ebase calendar
widget always included in rendered page source. |
|
336423 |
Form will not open
and generates a designer lock in form field when a dynamic list is on a print
formŕprint page as displayed as a ticklist. |
|
336475 |
Table
current row not retained when clicking something in a repeater. This is
inconsistent with table controls. |
|
336476 |
Table
not displayed when initially empty when using |
|
336477 |
Cloud Platform
Issue testing RESTful endpoints. |
|
336478 |
Server-side
functions cannot be called from lists within repeaters. |
|
336479 |
RESTful Web
Services do not handle Content-Type headers correctly. |
|
336480 |
Deploying
from the Verj.io Studio to a server that uses a redirect does not work. |
|
336481 |
Workflow API getFilteredJobs() does not take into account timezone. |
|
336482 |
Controls within Repeaters
add styles multiple times for the same selector causing large duplicated
styles. |
|
336483 |
Nested repeaters
generate excessive update controls JSON in the |
|
336484 |
RESTful
web service - onError event does not execute when the restful event fails. |
|
336485 |
Installer
doesn't perform upgrade when installation directory already exists. |
Functional changes in V5.9.0
- This
release includes a number of features that enable compliance with the Web
Content Accessibility Guidelines (WCAG) 2.1. The new features include:
·
New
landmark controls Main Control, Aside Control, Article Control have been added. Together with the existing
landmark Nav, Section, Header and Footer controls, these form a family that can
be used to bring structure to web pages. This helps screen reader users
navigate each page.
·
A
new Heading Control has been added
which enables the use of HTML heading tags <h1> - <h6>. As well as
representing a simple header text, a Heading Control can also contain Text and
Image child controls to build more complex headings.
·
A
new ARIA section has been added to
all controls that support ARIA properties. ARIA is a formal
specification that allows developers to add markup that will be interpreted by
Alternative Technologies (including screen readers).
·
Button Controls have been enhanced to support
Text and Image child controls. One reason for introducing this feature is to
try and discourage the use of onClick events on HTML elements that don’t
natively support clicks e.g. a <div> using a Panel Control, which causes
accessibility problems.
·
A
new option to render radio button and checkbox lists using an HTML
<fieldset> has been added. This is the recommended technique for
displaying these lists.
·
HTML
for field labels is now always generated and written to the browser, even when
the label text is not visible. This change allows form fields to always be
correctly labelled so labels can be read out by a screen reader. This does not
affect the visible page presented to sighted users.
·
HTML
for field help texts is always generated if a help text is configured, even
when the help text is not visible. The help text is then linked to the field
using the aria-describedBy attribute.
A screen reader will then read out the help text after the label e.g. “Field
password, passwords must have at least 8 characters including…”. This change
does not affect the visible page presented to sighted users.
·
ARIA
roles are now added to all error, warning and info messages sent to the user.
This allows a screen reader to alert the user when a message is received.
·
The
ARIA “presentation” role is added to all layout tables. This enables a screen
reader to effectively ignore these tables.
· A number of HTML syntax problems have been fixed involving the removal of unsupported and deprecated attributes.
- Change of behaviour: The
server property Focus to first field
configured using the Server Admin App (Server Properties -> General
Properties) is now moved. By default, focus to first field is disabled and
focus will not be applied to the first field on the page when a page loads
or it is navigated to.
If
this property was previously enabled on your server you can enable the property
by doing either of the following:
- Configure at the Presentation
Template level by selecting Form Property Defaults under property
sets and select the Focus to first
field checkbox.
- Configure on a per Form
level by opening the Form Properties and selecting the Presentation tab.
Under the Focus to Field section: uncheck the Use template setting and
select the Focus to first field
checkbox.
Bugs
fixed in V5.9.0
|
Number |
Description |
|
336066 |
CY_GB language
(Welsh) formats dates as yyyy-mm-dd instead of dd/mm/yyyy. Upgraded
the ICU4J regional formatter to the latest release. |
|
336326 |
Deployment Package does not work – The tree icon shows as a black dot in the Verj.io Studio |
|
336366 |
Unable to edit
property sets in a presentation template that supports ARIA properties |
|
336367 |
LDAP User Attributes do not work when logging in via IIS/AJP |
|
336368 |
It is not possible to configure the ARIA role on the property in the presentation template for controls that support ARIA role |
|
336369 |
The CSS styling for some of the container layouts is incorrect and the containers are not formatted correctly. This results in the output of the page looking different from previous versions |
|
336378 |
When Windows User Authentication is enabled and the request comes from a public facing URL with no user id a blank screen is displayed |
|
336379 |
Windows Authentication Populate User Credentials configuration in security.properties is ignored |
|
336380 |
Aria properties
(role, custom atts) do not appear on a Hyperlink Control when configured as
an external link. |
|
336384 |
Table sorting links
produce error on WCAG 2.1 checker |
|
336385 |
Security
Exposure - Local File Inclusion vulnerability - It is possible to read files
from outside the Verj.io Server workspace |
Functional changes in V5.8.0
- An interactive script debugger
has been introduced for Javascript scripts. All server-side Javascript
scripts can be debugged regardless of how a script is invoked including
forms, SOAP and REST Web Services, system services, scheduled tasks,
workflow processes etc. In most cases you will be debugging something
running in your local development environment, but it is also possible to
debug a script running on a remote server, subject to security.
- Security between a Verj.io
Studio and its test server has been improved (in support of the new script
debugger). All test servers are now defined using Designer Preferences > Servers
tab, and the current server the studio is using (to test or debug
forms/services/workflow processes) can be changed using the Manage Servers dropdown in the top
right-hand corner of the Studio window.
Change of behaviour:
connection to any
server other than the Embedded Server supplied with the studio now requires
configuration of a user/password with the appropriate role on the target server
and this needs to be configured in Designer
Preferences > Servers on the
studio.
Bugs
fixed in V5.8.0
|
Number |
Description |
|
336343 |
Repeater
Row Control layout type cannot be set to none |
|
336342 |
Referenced
SCSS files not automatically included in deployment |
|
336341 |
Rest
Service authentication does not re-use the refresh token when the access
token fails |
|
336340 |
OAuth
Rest does not resume correctly and just refreshes the original page |
|
336339 |
Security
API OpenID Connect does not exchange token for an access token with the same
configuration |
Functional changes in V5.7.0
1.
This
release introduces a new Gateway Server product. Its purpose is to assist with the
migration of in-house systems to the cloud. In particular it provides:
·
Single
Sign On (SSO) from a cloud server to any in-house security system including
Active Directory
·
Access
from a cloud server to in-house databases and other resources
·
A
portal application that runs in-house and provides links to the cloud
applications
·
A
programming API
These facilities are all based on a secure framework using
industry best practice.
- User Authentication improvements. Many options, including Active Directory authentication, can now be selected at the click of a button without the need to write a Logon Service. This also includes authentication using third-party Open Id Connect providers e.g. Google Identity Platform, Salesforce, ADFS etc.
Bugs
fixed in V5.7.0
|
Number |
Description |
|
335849 |
Cannot
generate a PDF document using Microsoft Edge |
|
336324 |
Saving
a form using Save/Restore functionality displays an error message “An invalid
character [32] was present in the Cookie value” |
|
336325 |
Scheduled
task logs in the server admin app cannot be displayed when there are hundreds
of them as it takes too long to show the results and they are difficult to
navigate |
Functional changes in V5.6.0
1.
Verj.io V5.6 is a landmark release
in that it introduces a new file system layout for the installation that will
enable future upgrades to be performed automatically. This new file system
layout provides separation between the Verj.io distribution files which should
not be changed by customers (the installation
file system), and any customer configurable files (the userdata file system). Future upgrades will work by replacing the
Verj.io distribution files. This change applies to both the Studio and Server
components.
2.
The level of Rhino, which provides
server-side Javascript, has been upgraded to level 1.7.11
which includes support for many ES6 features.
3.
Logon Services have been enhanced
to support the ability to add Authorizations
to a user, in addition to roles and credentials. Authorizations provide more
granularity than a simple role, enabling more sophisticated security checks,
and can be checked using SecurityManager.isAuthorized().
Bugs
fixed in V5.6.0
|
Number |
Description |
|
336262 |
An exception is
thrown when JSON.stringify() is called on an Java String Array |
|
336263 |
Table Field Column
Mandatory Check - Client |
|
336264 |
|
|
336265 |
Verj.io Studio locks
on MacOS when the studio regains focus when editing a Form or the Resource
Hub is open e.g minimised and maximized |
|
336266 |
The Mac OS look and
feel shows very dark blue tabs on the dockable panels which makes it very
hard to read the labels |
|
336269 |
Repeating weekly schedule task does not reset to the correct day for the new execution time after a task is run. |
Bugs
fixed in V5.5.1
|
Number |
Description |
|
336037 |
An
outdated version of Jquery is used - jquery-1.6.4.min.js |
|
336169 |
Can't
add more than one linked text file to a form |
|
336171 |
Multiple
SaveRestore servlet errors appearing in log |
|
336177 |
Javadoc
incorrect for $eb.getComponentPrefix() and $eb.executeFunction() |
|
336184 |
Problem
adding shared function scripts with components |
|
336185 |
Radio
Button lists don’t work with Bootstrap |
|
336188 |
Cannot
add a legacy print form to a form if one does not already exist |
|
336189 |
Cannot install
a widget from the resource hub when you right click on a control |
|
336190 |
Changing
presentation template from a script fails |
|
336191 |
PDF
Header and footer styles can't be edited for a Page Control property set in a
template when this is the default property set |
|
336192 |
Calendar
popup icon missing with IE with display type set to HTML 5 date |
|
336193 |
Issuing
set template command twice in scripts causes a java.lang.RuntimeException:
java.lang.ClassNotFoundException |
|
336194 |
HTML 5 with
IE 11 - Required field validation does not work |
|
336195 |
Client
callable script associations appear multiple times with linked components |
|
336196 |
NullPointerException
printing from a before form event |
|
336197 |
Database
connection problems can occur when one of the server properties files is
updated |
|
336198 |
Sortable
property can't be set on table columns in some circumstances |
|
336202 |
Print
Page Landscape orientation is ignored if the page size is set to A4 |
|
336216 |
Renaming a
Form/Component can cause an exception and form corruption. |
|
336217 |
Licence check fails
throwing an exception when run on a Microsoft Hyper-V Virtual machine with a
tunnel adapter. |
|
336225 |
Print Page does not apply
the correct PDF Margin properties to the print pages and looks different from
version 5.2. |
|
336226 |
Atomikos transaction
manager limits the server to 50 simultaneous transactions. |
Functional changes in V5.5.0
- Addition of widgets: these represent discrete pieces of UI functionality
such as charts, maps, trees, confirmation popups etc. They consist of
visual elements displayed to the user plus optionally additional entities
such as client-side or server-side scripts, CSS etc. Available widgets are
displayed in a separate Widget View that sits alongside the Palette View,
and widgets are dragged onto a page in much the same way as controls, and
can then be configured. The widgets themselves are sourced from the Verj.io
Resource Hub and this will be updated regularly to add new content as it’s
developed. It is also possible to create/install widgets in the local
workspace.
· The component prefix can be specified as the last parameter of the client API $eb.executeFunction() function. In most cases the system will determine when a component context should be applied to a server function called using $eb.executeFunction() but there are some circumstances where this doesn’t work and then this new parameter is required e.g. when a ready event is used to bind another jQuery event.
·
A new method $eb.getComponentPrefix() has been
added to the client API
- The component name of an embedded component is now displayed in the Outline View.
Functional
changes in V5.4.0
- Support for Progressive Web Applications
(PWAs) has been added. PWAs represent an exciting new technology that aims
to make web applications indistinguishable from native applications when
used on mobile devices: phones and tablets. As a result, a web application
can be used for all devices without the need to develop separate native
apps. PWA features include:
·
Make
a web app page look exactly the same as a native app page e.g. by removing the
URL bar
·
Automatically
add a start icon to the device’s home page
·
Caching
of HTML pages and web resources by a service
worker so the app can start even when offline
·
Downloading
of web apps from an app store
·
Support
for push notifications
Please note that support for PWAs varies for each browser
provider and not all browsers currently support all the features listed above.
Ebase support for PWAs will continue to be developed in future releases as
further browser capabilities are announced and released.
Click here for more information.
- The WYSIWYG View used to
display form pages has been changed to use JavaFX as the underlying software component – previously this
was using Flying Saucer. The main advantage of using JavaFX is that CSS3
styling is now fully supported, whereas in the previous release many
styling attributes were not supported. JavaFX also provides future
proofing as it is a fully supported Java component and will continue to
support new aspects of HTML and CSS as they are developed in the future.
- A new PDF generation engine wkhtmltopdf has been added which
supports HTML5 and CSS3. This is available for use when generating a PDF
using the Javascript form.generatePdf()
function or the FPL outputpage
command. This is in addition to the existing Flying Saucer engine which mostly only supports CSS2. A global
property PDF Engine is used to
switch between these two options. This property can be changed using the
Server Admin App on the Server Properties page. By default this property
is set as follows:
·
New
installations: wkhtmltopdf
·
Upgraded
systems: Flying Saucer
Please note that changing the PDF engine may result in
some changes to existing print pages.
- Support for Domain Keys
Identified Mail (DKIM) has been
added to email accounts. This is configured via email account properties using
the Server Admin App.
- It’s now possible to see how
a page will look on any device by selecting the appropriate device from
the toolbar at the top of the WYSIWYG View - a dropdown of named devices
is available including most common devices and this can be edited to add
new devices.
- Support for many Web Forms
2.0 features has been added. Using these features it’s possible to
eliminate the input validation popup alert boxes and replace these with
browser-provided input validation:
The following Web Forms 2.0 input types are supported and can be selected as display
type for a form field or table column:
color, date, datetime_local,
email, month, number, range, search, tel, time, url, week
Some of these types will result in browser widgets being
displayed to help the user enter the data e.g. date, number. The implementation
of these widgets varies between browsers.
Also, some of these types invoke browser validation of the data entered
e.g. email, range. Any validation messages issued by the browser can be
customized using the Validation Message Field Control property. Click here
for more information.
The Mandatory
Field Control property has been renamed to Required,
and required fields are now implemented using native browser validation. This
applies only when the form document type in Form
Properties > Presentation is set to HTML
5. The message displayed (e.g. “Please fill in this field”) can be changed
using the Required Message attribute
of Field Control.
- New Server Resources folders can be created in the workspace. These folders are mapped to the root of
the web application and provide a means of configuring static web
resources and including these in the workspace. In previous releases,
static server web resources had to be added to the server’s file system
and were therefore difficult to manage. With this change, these web
resources can be included in the workspace and can be deployed in the
usual way. Click here for more details.
- When a client API
$eb.executeFunction() call is made, the server will now be aware of the
control which initiated the event – most importantly this includes setting
the current row of any tables. For example, you might have a table or
repeater with a delete button that first displays a confirmation popup and
then invokes a server function via eb.executeFunction(). With this change
the server code to delete the table row is simply tables.myTable.deleteRow() whereas prior to this change a row
identifier had to be extracted on the client then passed to the server.
- Images can now be dragged
from the tree directly onto a page. The project that the image is dragged
from needs to be accessible from the target project.
- Resources can now be dragged
from the tree into the Resources View of a form, component etc. The
project that the resource is dragged from needs to be accessible from the
target project.
- The tree is now sorted so
that any folders are shown before entities.
- Custom attributes within HTML Element Properties can now
contain &&fieldname substitutable variables.
- Aria label texts can be
configured for all appropriate controls. This property is typically used
to provide a screen reader with a label for an otherwise anonymous
control.
- Client browsers with
Javascript disabled are no longer supported. Javascript support on the
client is required to execute an Ebase form.
- A change has been made to the
way Javascript arrays and/or objects are stored as session attributes
which may affect applications using client.request.session.setAttribute(“xxx”,
value) or client.request.session.getAttribute(“xxx”).
The getAttribute() and setAttribute() methods are now
intercepted and Javascript arrays and objects are saved in serialized form
– this is to prevent excessive use of memory which can result when Rhino
objects representing arrays and objects are saved directly. The impact of
this change is that session attributes must now be explicitly saved (using
setAttribute()) each time they are changed. It is no longer true that
getting an attribute, then changing the retrieved object, will update the
saved session attribute.
- The Workflow Administration
application (form WORKFLOW_ADMINISTRATOR distributed in the VerjSamples
project of the default workspace) now requires a user sign-on. Any user
with access to the Server Administration application will also have access
to the Workflow Administration application.
Bugs
fixed in V5.4.0
|
Number |
Description |
|
336049 |
Rest
response content-length issue |
|
336071 |
Server
admin app fails in V5.3.2 when called over SSL |
|
336108 |
NumberFormatException
during updatetable of nested table when rows have been deleted |
|
336109 |
Copying
a scheduled task generates a duplicate runtime id |
|
336110 |
Rhino
script variables stored in session context or other similar contexts use
excessive memory |
|
336111 |
Server
proxy password on the server is not encrypted and fails to decrypt at runtime |
|
336112 |
Cancelling
a workflow job gives message "Cannot cancel from state Cancelled"
if tasks have been cancelled |
|
336113 |
Workflow
pause node script fails with "Cannot have any pending top calls when
executing a script with continuations" |
|
336114 |
Copying
a folder with many inter-related entities does not correctly refactor the
relationships |
Functional
changes in V5.3.2
This release provides integration with the new Verj.io Platform
as a Service (PaaS) system which offers fully supported Ebase Xi servers
running in the cloud and is also the new home for the Ebase website; the Ebase
Xi Designer has been re-branded as the Verj.io Studio. The studio
provides the ability to deploy to either a server in the Verj.io cloud (known
as a service plan) or a non-cloud server (these are now known
as on-premise servers); similarly you can run forms and test
web services and workflow processes against either cloud or on-premise servers.
- After
upgrading to V5.3 you will be initially presented with a logon screen when
you first start the studio; if you have not previously registered on
the Verj.io
portal, click on the Sign up link at the
bottom of the logon panel. If you are already registered then enter your
credentials - any service plans to which you have access
will automatically appear as deployment targets. If you have previously
registered with the Ebase Customer Portal you should be able to use the
same userid/password combination for the new Verj.io portal. Once you have
logged on successfully to the studio, your credentials will be remembered
and you should not need to logon again unless you explicitly logout of the
Verj.io Portal (see below).
The Vault has been replaced by
the Resource Hub.
This contains tutorials, samples, templates and other technical content that
provide advice and can be imported directly into the studio. The Resource Hub
will become the major source of technical help and will be expanded in the
future.
A new Verj menu item
has been added to the main menu. This provides the ability to logout/login
from/to the Verj.io portal plus the ability to change the privacy settings. In
the current release these settings make very little difference – they are used
only when deploying to a service plan in the cloud or when connecting to the
Resource Hub. However, in the future the studio will be enhanced to collect
information on how the studio is used, detect any problems, and offer advice
based on this. When this functionality is added, you will have the ability to
disable it via the privacy settings.
- A
new tabbing framework to contain multiple open entities has been added and
many of the toolbars have been restructured
· Icons from the old tab
headers have been moved to a new toolbar at the top of the page
· Icons from the old
tree toolbar have been moved to the new toolbar at the top of the page
· The Form Editor
toolbar and page toolbar have been re-structured
· The Run button has
been renamed to Test and moved to the main toolbar and a test
history has been introduced. This makes it possible to run forms from any
editor at any time.
- A
number of new controls have been added:
Container
Controls:
· Footer Control – same as a
Panel Control but encloses content in a <footer> HTML tag
· Header Control – same as a
Panel Control but encloses content in a < header > HTML tag
· Nav Control – same as a
Panel Control but encloses content in a <nav> HTML tag
· Section Control – same as a
Panel Control but encloses content in a <section> HTML tag
List Controls – these provide the
ability to display content in an ordered or unordered list and within list item
HTML tags <li>:
· List Panel Control – provides the
ability to lay out any static content as a list
· List Control – used to
display dynamic list content e.g. from a database (Dynamic List) or a Static List
or a list set via a script
· List Text Control – used with a
List Control to display a list item text
· List Hyperlink Control – used with a
List Control to display a list item text as a hyperlink
· List Item Control – represents a
<li> tag
· Repeating List Control – provides the
ability to display a table as a list
Click here for more details on using the new
list controls.
- A
new List Layout has been added which lays
out the content of any container control as a list.
- A
new Class property has been added to the properties panel
of most controls. This makes it easier to add CSS classes to a control –
without the need to first display the styling assistant, click on Advanced
properties etc.
- A
new external API has been introduced that allows non-Ebase apps to
make stateful calls to an Ebase server by including a
small amount of Javascript. This can be used by any non-Ebase app
including mobile apps. Stateful in this context means
that information is kept on the Ebase server between calls from any given
client. Click here for details.
There are now three ways that an Ebase
service can be called from an external (non-Ebase) application:
· REST Web Service stateless REST calls
· SOAP Web Service (integration Service)
call – stateless SOAP calls
· Using the new External API – when stateful
calls are required
- Support
for information messages has been added. There are now three
levels of message that can be added to a page and individually styled:
info, warning, error. Information messages are added by Javascript scripts
using one of the addInfoMessage() methods, and for FPL
scripts via the message command.
- Javascript
API Changes:
· New methods
encryptAES() and decryptAES() have been added to EncryptionServices to provide
encryption using the AES algorithm with 128 bit keys. The existing encrypt()
and decrypt() methods have been deprecated as they use the DES algorithm with
64 bit keys; this DES algorithm is now considered as potentially vulnerable and
customers are recommended to use the new AES methods instead.
· New methods
appendToFile() have been added to FileServices. These should be used when appending
text to a file instead of the writeFile() methods that replace the file
contents.
· It is now possible to
exclude some Java classes from the automatic conversion that occurs for
server-side Javascript scripts when Java objects are transferred into the
Javascript environment. This conversion behaviour is mostly beneficial but can
occasionally cause problems; it includes the conversion of all Java lists
(java.util.List) to Javascript arrays [] and the conversion of all Java maps
(java.util.Map) to Javascript objects {}. Individual Java classes or
interfaces can be excluded from this conversion by using
system.addWrapFactoryExcludedClass() and
system.removeWrapFactoryExcludedClass() e.g.
system.addWrapFactoryExcludedClass("java.util.Properties");
The scope
of changes made by these methods applies to the currently executing form, web
service, workflow job etc.
· New methods
addCssClass() and removeCssClass() have been added for all controls. These
methods allow classes to be added and removed dynamically without affecting
other classes assigned to the control.
· The ability to iterate
through items in a list has been added. This can be used when a list is
associated with either a field or a List Control:
var items =
controls.listControl.list.items;
while
(items.next())
{
var
val = items.listValue;
if
(val == "danger")
{
controls.listItem1.backgroundColor
= "red";
}
}
- The
ability to monitor the number of database connections in a connection pool
has been added. In the Server Admin App, click on Database
Connections then click the
icon for an individual database to
display information about the current usage of the connection pool. This
can also be used to restart the connection pool in the event of problems.
Click here for more details.
- The
ability to run an HTML entity file has been added.
- Creation
of a new project now allows you to select a pre-configured folder
structure or model the folder structure on an existing project. This
behavior can be disabled in designer preferences.
- A
new Save All icon has been added to the main toolbar
(next to the Save icon) – this saves all open entities
that have been changed.
- The Getting
Started option has been removed from the Help menu
– the tutorials provided by this option have been revamped and are now
included in the Resource Hub
- A
small change has been made to the HTML generated for a Table Control. This
might have any impact on existing forms which have been styled using CSS
which is dependent on the HTML structure.
- A
Bootstrap presentation template has been developed and is available for
download from the Resource Hub. This is based on Bootstrap
4.0.0 beta.
- Designer
Preferences contains a new Privacy tab. This allows you
to disable the link between the studio and the Verj.io portal.
Bugs
fixed in V5.3.2
|
Number |
Description |
|
335821 |
Added
character encoding to RestOptions when invoking a REST call to specify the
response message character encoding type. |
|
333892 |
Problem
deleting table columns in the Ebase designer that contains percentages in
their style width values. |
|
335864
and 335973 |
Fixed
the security vulnerability to change the epd parameter to change the page. If
could open a page that does not contain a security check. |
|
335895 |
NullPointerException
when inserting a row into a table, deleting it and then issuing an update
table when the resource is backed by an Integration Resource. |
|
335896 |
Fixed
that REST service resource response headers do not substitute the value in
fields (fields with && in them). |
|
335938 |
V4
repository that contains duplicate mapping when upgraded creates duplicate
mappings. |
|
335979 |
Importing
an Ebase export file that contains special UTF-8 characters (for example Ł
sign) corrupts the character. |
|
336035 |
SOAP
web service calls that require maintaining of sessions cookies are lost
between execution of different Ebase forms. |
|
336050 |
OAuth Access Grant
scopes and User Resource parameters can be overridden from the Rest Resource
OAuth authentication configuration or these can be overridden at runtime
using the OAuth authentication object in scripts. |
|
336051 |
Adding a shared or client callable script to a component and then running the form causes an error stating that the shared script does not exist. |
|
336052 |
Set a table column
value to include HTML and set it to be a Hyperlink, at run time the html is
not rendered. |
|
336053 |
Using the server admin app to edit the non
proxy hosts configuration truncates the entry to 255 characters. |
|
336054 |
A reference to form.getElementName() or
system.variables.$FORM_ID fails with a NullPointerException when calling within
an Integration Service script. |
|
336055 |
After inserting a row using a database resource
to a |
|
336056 |
Searching workflow jobs by process attribute name/value using the jobs list resource doesn't work. |
|
336057 |
NullPointerException after importing a database resource and trying to open in the designer. |
|
336058 |
Numbers without decimal points get .0 added when assigned to character fields. |
Functional
changes in V5.2.0
1.
Support
for publishing REST web services has been added. Together with the changes
introduced with V5.1, full support is now provided for calling and publishing
both REST and SOAP web services.
2.
Many
icons and panels have been changed to introduce a fresher look into the
designer.
3.
Javascript
API Changes:
·
A
new technique for executing SQL statements has been added without the need to
create a Database Resource and mappings. This is accessed via the new
DatabaseServices class e.g. services.database.executeSelectStatement(…). All
SQL statements are supported.
·
Property
files can be loaded using one of the new system.loadPropertiesXxx methods.
Bugs
fixed in V5.2.0
|
Number |
Description |
|
335799 |
Error calling
a SOAP web service: Could not invoke service.
java.util.ConcurrentModificationException |
|
335813 |
Workflow
process tester fails when using SQL Server repository database |
|
335814 |
Error running
large forms: CannotCompileException java.lang.ClassFormatError: Invalid
method Code length 74999 in class file TEXTS_xxx. |
|
335816 |
ClassCastException
using print resource from workflow |
Functional
changes in V5.1.1
1. Support
for calling RESTful web services has been extended:
- Support for Client
Credentials Grant has been added to OAuth support
- It is now possible to specify username,
password and scope dynamically when using OAuth
Bugs
fixed in V5.1.1
|
Number |
Description |
|
335759 |
Error “Cannot modify a property of a sealed object” changing a
Javascript prototype object |
Functional
changes in V5.1.0
1.
Support
for calling RESTful web services has been added which can be achieved using the
new REST Web Service Resource or directly via the programming API.
2.
A
link to the Ebase Xi Vault application on the Ebase website is available via Help > Ebase Xi Vault. Ebase Xi Vault provides many samples, videos,
complete apps etc and these can be viewed from the designer and/or downloaded
directly into the workspace (to the Vault
folder in the ebaseSamples project)
by clicking the Download button at
the top of each item page. The Ebase Xi Vault will continue to be expanded in the
future and is intended to be a major source of advice and samples covering all
aspects of Ebase Xi.
3.
New
variable services has been added to
the Javascript API. This provides access to all the xxxServices classes within
the script API e.g. DateServices, EncryptionServices etc. Previously these
xxxServices class names had to be included within a script statement e.g.
DateServices.formatDate(x, y) whereas this can now be coded as
services.date.formatDate(x, y). This makes it easier to understand which services
classes are available.
4.
The
ability to exclude folders from the entity tree has been added. By default this
includes .svn, .cvs and .git. These folder types are configured using Designer Preferences.
5.
A
new template xiDefault is supplied.
Bugs
fixed in V5.1.0
|
Number |
Description |
|
333983 |
Styling Assistant does not show labels when a language other
than English is used |
|
334818 |
XSL Adapter: text editor window does not scroll |
|
335337 |
Resettable documentation is not clear |
|
335397 |
PDF generation hangs |
|
335404 |
Can't call upload via the client API |
|
335466 |
Exception if user manipulates the ebz URL parameter part way
through form execution |
|
335676 |
Custom lists and Static lists display return value instead of
display value when field is a hyperlink |
|
335682 |
Passing an object which contains an array back to the calling
form crashes the form |
|
335685 |
Workflow decision node - get error clicking OK so can't change
it in any way |
|
335688 |
Some dialogs use black text when highlighted - makes it
difficult to see on a dark b/g |
|
335691 |
Subversion control (.svn) folders are visible / searched in
Designer |
|
335702 |
Clicking Browser back button after returning from a called form
causes runtime error |
|
335719 |
Date in
Language File: results in Version Control checking it in although the texts
have not changed |
|
335723 |
Barcode control needs server to render image on the designer |
|
335724 |
Getting Started resource centre has illegal href links |
|
335725 |
Unable to run forms in a Linux installation unless Firefox is
installed |
|
335726 |
form.generatePdf() gives NPE when image has blank / invalid url |
|
335727 |
Save button in style sheet editor is always enabled |
|
335728 |
Deployment of multiple server email files fails |
|
335729 |
Styling the final page using classes doesn't work |
|
335730 |
Form cacheloader fails to find the form in workspace |
|
335731 |
Incorrect behaviour of mandatory column in Tabset when |
|
335732 |
Documentation for "Change Ebase Repository to a different
database" is out of date |
|
335733 |
References to a default property set doesn't work |
|
335734 |
Client response headers are lost due a server redirect |
|
335735 |
Uses panel and data dictionary are not updated when a form is
renamed |
|
335736 |
Database connection changes within the Server Admin App. require
a server restart |
|
335737 |
Server Admin App: saving email server port number fails |
|
335738 |
A message issued from an event on page_1, but against a control
on page_2 is not rendered |
|
335739 |
Renaming / moving scripts fails to refactor associated events |
|
335740 |
Add ability to rename integrated test server web app |
|
335741 |
NullPointerException accessing event.eventDescription in a
callable function |
|
335742 |
NullPointerException generating PDF from scheduled form |
|
335743 |
Page cannot be displayed error and NullPointerExceptionafter
removing a list from a table column |
|
335744 |
css and client script editors mess up LF and CR |
|
335745 |
Refreshing Entities takes too long |
|
335746 |
Server Admin App when using Oracle repository - error listing
users |
|
335747 |
Renaming a folder to a different case causing problems |
|
335748 |
Server Admin App logon page - cursor goes to the password field |
|
335749 |
Saving entities in the designer is very slow |
|
335750 |
Form calls itself, upon return any reference to a field causes
NullPointerException error |
|
335751 |
Making a change in Designer preferences causes unsaved changes
being undone |