Today's update (40f90ea39) brings with it the following changes:

Security issues

• Google Chrome v80 made changes to SameSite cookie behavior. The SameSite attribute on cookies is used to control cross-domain behavior. All cookies are now set to Samesite=Lax, but session cookies are explicitly set to Samesite=None.
• Talkbook sound files are now served with CORS headers. This solves a playback issue with translation audio files used in D-bok.
• HTTPS certificates are now issued using LetsEncrypt ACMEv2.

Performance improvements

• Updated to the latest Perl toolchain. This might give minor performance improvements.

New features

• Added conversation view for messages. Now users can see all of the conversations they have had with another person on a single page.
• Added inline attachment option to new message screen, now user can upload new file or choose any existing object as attachment to a message. Where you want to store the uploaded attachment can be chosen.

Enhancements

• Message reply status is now available in the messaging system.
• Messaging inbox/outbox search query is sticky now, it remembers what you have searched when you re-enter the page.
• Accessibility of the sound player has been improved.
• Accessibility of the manage_language template function has been improved.

Bugfixes

• Fixed user-interface inconsistency with tab navigation in messaging feature.
• Fixed inability to navigate cells in quiz type matchbox with keyboard.

Documentation improvements

• Added reference documentation for:
  • Template behavior
  • BlobMachine behavior
  • User collection and permission manager behavior
  • User, object and quiz container models
  • CSV parsing, captcha validation, business metric logging, pagination, macro and talkbook libraries

The entire system has been moved from the Rackspace London data center to the Azure North European data center.

Contact support if any unexpected issues that might be related to this migration happen.

Today's update (6f5f52e) brings with it the following changes:

Performance improvements

• The performance of the user memberships report was improved a lot.
• The performance of the course results report was improved.

New features

• A report for how much a user has progressed in courses was added to the user profile.
• A report with the lowest course object scores was added to the user profile. It makes it easy to see which course objects the student needs to work on. It is a subset of what is available in the course result report.
• A report for user submissions was added to the user profile. This makes it easy to find essays that the student is working on. It is a subset of what is available in the course result report.

Enhancements

• The user activity report now supports reporting activity information for a range of dates, not just a single day or week. Additional information was added to the table legend to clarify some date range issues.
• The course results report now supports a range parameter, making it possible to only see activity for a certain date range.
• The report of access keys assigned to a user and the report to show all institution, group and course memberships were extracted out of the user profile and moved to their own request handlers. The user profile still load these reports into the page.
• Added user name to page title for the following reports:
  • course_result
  • user_access_keys
  • user_course_progress
  • user_memberships
  • user_object_scores

Bugfixes

• When a supervisor views the course result of a student the student identifier wasn't logged. This is now fixed.
• Downgraded FFMPEG from version 4.x to version 3.x because of unmaintained third-party code. This might impact the ability to create thumbnails for some video formats.
• Improved developer documentation for the course_result request handler.

Today's update (2f25d62) brings with it the following changes:

Security improvements

• Secure websockets are now allowed by our CSP policy on secure sites.

Performance improvements

• Improved navigation between pages by avoiding deprecated browser features.

Documentation improvements

• Added reference documentation for:
  • Email-sending behavior
  • Object rendering behavior
  • Factory behavior
  • Flash message behavior
  • File manager parameter validation
  • FastCGI web worker behavior
  • File type detection behavior
• Added reference documentation for the following HTTP request handlers:
  • aicc
  • dev
  • edit_autoreg
  • eportal_push
  • execute
  • external_search_config
  • help
  • list_permission
  • login
  • logout
  • mark_message
  • measure
  • move_element
  • nav_course
  • new_message
  • online
  • page_view_log
  • ping
  • placement_test
  • preview_content
  • quiz_editor
  • read
  • read_exam
  • read_site
  • register_account
  • resolve_path
  • session
  • sso
  • talkbook
  • update_autoreg
  • update_class
  • update_config
  • update_order_course_element
  • update_site
  • update_site_containers
  • upload
  • user_activity
  • watermark
  • welcome
  • write
  • write_account
  • write_account
  • write_autoreg
  • write_course_element
  • write_glossary
  • write_institution

Today's hotpatch (66ebc45) brings with it the following changes:

Bugfixes

• A regression in the CGI.cookie() template plugin method was causing existing cookies to not be retrieved, even though they existed in the HTTP request. The old behavior has been restored and the issue should be fixed.