Product news and other information from the developers of Portfolio.
Showing 16 - 20 of 91
IP address session protection changed and multiple bugfixes
Today's update (ce51eda) brings with it the following changes:
- Session hijacking was previously mitigated by ensuring the IP address always matched. When you're using HTTPS this is no longer needed, so it's no longer verified. Roaming between different networks (e.g. with a laptop or tablet) should now work without being logged out.
- The CEFR final report could in some situations include voice recordings for competence levels other than the one the student self-evaluated as. This has been fixed.
- Using the back browser button and answering a CEFR document again would skip over a document in the workflow. This should now be fixed.
- The page activity timer is no longer restarted if you use the back/forward browser buttons to navigate to a page.
- The wav2mp3 request handler had a race condition when dealing with ADPCM WAV files from the Java-based voice recorder. This should now be fixed.
- Some broken HTML markup in my configuration and other reports was fixed.
SASS stylesheet rendering, page timeout, timers and more improvements
Today's update (7601a42) brings with it the following changes:
- A new template function called
explain() was added, used to dump the contents of variables used in templates with proper color and indentation. The use of
Dumper.dump() caused sensitive data to be made available. The old
Dumper.dump() method will still work, but restricted attribute values will be trimmed, just like
- All HTTP request handlers and backend cron jobs now has a timeout value. The default timeout for a request handlers is now 2 minutes. The developer resource that lists request handlers now also includes information about the timeout for each handler. This should ensure that runaway processes no longer cause worker process resource starvation.
- When PORTFOLIO.create_search_form() is executed, it will no longer perform the XmlHttpRequest call if the DOM element it should be rendered into is not present.
- It's now possible to compile SASS stylesheets into CSS on the fly. A new menu item for creating a SASS stylesheet has been added. Text files with the extension .sass or .scss will be detected as SASS/SCSS stylesheets during upload. The libsass C++ engine is used for the compilation.
@import statements are supported, and resolve relative to the object that is being rendered. The prefix
_ and the extension (.sass/.scss) is automatically appended if not specified to support the same behavior as the Ruby implementation.
resolve_path() template function is finally available. It works just like the resolve_path request handler, and must start with a container identifier. They both just verify permission on the final object/container in the path, just like before.
current_site template function can now be used. Some of the other site_XXX template variables are now redundant. Using
current_site.container_data.resolve_path("path/to/file") is a good way of getting access to content below the site root without resorting to hard-coded container identifiers.
- It's now possible to start and stop timers during template rendering. This allows more detailed timing information about page rendering to be displayed as an HTML comment at the end of the page if the
enable_timing_report configuration variable is set. The report will also include how much time is spent in each template function, each template and the total time spent on generating the HTML.
- Added new parameter render_mode to the
embed() template function. You can set the value to either
- When a stylesheet is viewed directly instead of embedded, the actual CSS text is now rendered, so it is easier to know what you're working with.
- Stylesheet objects are no longer forced to text/css mimetype regardless of which mimetype was set. It is now only used as a default.
- The e-portal single-sign-on and push message handling now use the standard timeout feature, giving more consistency.
- Improved code layout in
read request handler, enabling proper filename when downloading content in more situations.
- The generic error pages which are shown when the application doesn't respond properly have been improved. The language should be more user-friendly.
- Fix an internal server error when trying to upload a zero-length file. Now it shows the correct error message.
- An unhandled exception when generating thumbnails is now handled, returning a proper error message instead.
- Browsers have changed behavior with how they handle strong ETag cache validation tokens. Browsers now return a weak validator token even though we send a strong one. Ignore the weak ETag classifier so HTTP 304 NOT MODIFIED responses are generated when they should.
- The word occured was consistently mistyped. Now it has been changed to the correct occurred in all strings.
Feature removals / deprecations
page_timer template function no longer returns the timer value for the entire page. It now returns a timer instance you can use to start, stop and report timing information. This changes the API, so documentation has been updated to match the new behavior.
- The request.filename local template variable was not used anywhere and was removed.
Fixed regressions in MP3 audio player
Today's hotpatch (5806a47) fixes the following regressions:
- The MP3 audio player was eating DOM elements, causing lots of different kinds of errors. This should now be fixed.
Enabled sending links to any objects and some bugfixes
Today's hotpatch (08fd291) has the following changes:
- It's now possible to send links to objects you don't have access to, making it possible for teachers to easily send a link to a student asking them for permissions.
- The recipient in the To column in the outbox was not shown. The sender's name was shown instead. This has now been fixed.
- It was previously possible to iterate through containers forever by specifying an ever-increasing
list_start value to the read_container request handler. This should now emit an error.
Hotpatch to address bugs since last update
Today's hotpatch (3e3544b) brings with it the following changes:
- The poor performance of the My students report since last update has been fixed. It should now render in less than a second for most users.
- The My contacts sidebar should render somewhat faster.
Showing 16-20 of 91