Blog

Product news and other information from the developers of Portfolio.
Showing 21 - 25 of 93
  • Enabled sending links to any objects and some bugfixes

    Posted by: Robin Smidsrød 14. Mar 2016 16:48

    Today's hotpatch (08fd291) has the following changes:

    Enhancements

    • It's now possible to send links to objects you don't have access to, making it possible for teachers to easily send a link to a student asking them for permissions.

    Bugfixes

    • The recipient in the To column in the outbox was not shown. The sender's name was shown instead. This has now been fixed.
    • It was previously possible to iterate through containers forever by specifying an ever-increasing list_start value to the read_container request handler. This should now emit an error.
    You must be logged in to read or post comments
  • Hotpatch to address bugs since last update

    Posted by: Robin Smidsrød 11. Mar 2016 06:04

    Today's hotpatch (3e3544b) brings with it the following changes:

    Performance improvements

    • The poor performance of the My students report since last update has been fixed. It should now render in less than a second for most users.
    • The My contacts sidebar should render somewhat faster.
    You must be logged in to read or post comments
  • Improved performance for several reports and several other enhancements

    Posted by: Robin Smidsrød 9. Mar 2016 16:55

    Today's update (1234623) brings with it the following changes:

    Security issues

    • All request handlers that support search queries now need a minimum of three characters to be valid. The search syntax is now consistently validated before it is passed on to the database.

    Performance improvements

    • The My students report has been improved. It should now render faster.
    • The group members report has been optimized quite a lot and should no longer cause timeouts for groups with excessively large member count. If more than 100 table rows are shown then icons are skipped to improve speed. If more than a 1000 users are shown then they are not collectable.
    • The inbox/outbox should now be much more performant. The local template variables are also much more consistent. The HTTP API has been slightly changed (related to pagination).
    • Automatically-generated messages older than a year will now be automatically deleted.

    Enhancements

    • The Course result report now shows the total time used in the course.
    • The continous summary table in Page views report has been hidden behind the enable_page_views_live_report user configuration variable. It is off by default.
    • The synthetic speech client now allow text and text selections in iframes to be read. The code has also been improved so it doesn't try to read JavaScript code out loud. Be aware that content in cross-origin frames or non-HTTPS frames will not be read from an HTTPS-enabled page. The starting DOM element can also be specified in the init method.
    • The MP3 audio player can now be configured to place the label, slider and buttons in whatever order you want it. The currently-playing audio player is now targetable with a CSS class.
    • Global and system groups are now shown in the user profile, if the user is a member of them.
    • The following request handlers now support ignorable path parameters before the UUID: read, read_container, data, download

    Feature removals / deprecations

    • The java-settings and flash-settings object types were removed. Existing objects have been changed to type app-input.
    • The java-data and flash-data object types were removed. Existing objects have been changed to type app-output.
    You must be logged in to read or post comments
  • HTTPS security fixes, institution blog and object locking performance fixes and much more

    Posted by: Robin Smidsrød 17. Feb 2016 16:52

    Today's update (1b977e1) brings with it the following changes:

    Security issues

    • Internet Explorer 11 on Windows 7-8.1 is not able to connect to HTTPS servers which use large Diffie-Hellmann primes. Changed to smaller primes which are compatible with Windows 7-8.1. Windows 10 was not impacted by this issue.
    • LeseWeb (synthetic speech) is now accessed via HTTPS URLs to mitigate a mixed-content warning.
    • HTTPS SSLv3 protocol was disabled to mitigate the POODLE attack.

    Performance improvements

    • The list_institution_blog_items(r) and get_institution_blog(t) handlers caused timeout whenever they were used. This was one of the main reasons why the system has been slow the last few weeks. This should now be fixed.
    • Storage container size is no longer calculated when objects are modified. This was the cause of a massive locking issue on the entire object table each time an object was modified. This should radically improve performance and concurrency when working with long transactions which modify objects (e.g. recursive deletions).

    New features

    • Added a button to copy identifier directly to the clipboard. Enable it with the boolean user configuration variable enable_copy_id_button.
    • When you're editing an object it is now possible to see which course the object belongs to on the permissions tab. You will only see courses you're an editor for.

    Enhancements

    • The wav2mp3(r) handler now uses proper caching, allowing HTTP 304 NOT MODIFIED responses. This should improve rendering speed of playback of voice recordings. It is no longer possible to specify multiple objects or a WAV file URL to this handler. The object identifier can now also be specified as part of the URL path.
    • The thumbnail(r) and watermark(r) handlers have also been refactored to be more performant. A backend common cache directory is used instead of storing the cached representation together with the primary file.

    Bugfixes

    • When you try to delete users that have delivered quiz assignments, it should no longer trigger a database exception.
    • The ar_SY locale now has right-to-left text direction properly defined.
    • UTF8/16/32 BOM text encoding detection was partially broken. This should now be fixed.
    • Fixed a bug where content was not saved properly when creating new spreadsheet objects.
    • Updated jxcell.jar and pfxcell.jar to conform to new security model in Oracle Java version 7u45 regarding Java applet method access from JavaScript.
    You must be logged in to read or post comments
  • HTTPS support, quiz radio inline mode, Google Chrome voice recorder bugfix and more

    Posted by: Robin Smidsrød 21. Jan 2016 16:17

    Today's update (76c9f3d) brings with it the following changes:

    Security issues

    • Implement HTTPS support, allowing wildcard certificates and automatically generated certificates using letsencrypt.org.
      • A redirect from HTTP to HTTPS is automatically performed if a certificate is available for the domain.
      • The web server configuration should give an SSL Labs A rating for all domains.
      • Certificates acquired using Let's Encrypt are automatically renewed 30 days before they expire.
      • The default certificate name (for clients that don't support TLS SNI) is portfolio.
      • Domains that we explicitly don't want HTTPS for can be excluded.
      • A wildcard certificate for portfolio.no and fagbokforlaget.no will arrive shortly.

    New features

    • Added Arabic Syria (ar_SY) content language code.

    Enhancements

    • Implement inline display mode for quiz type radio. Unfortunately, because of an excessive use of the previous default block display mode, the default is block (when all other types default to inline). If you want inline display mode for type radio you need to explicitly set display_mode => 'inline'.
    • Improve icon for set default search method.

    Bugfixes

    • Adding HTTPS support should fix the microphone access issue in Google Chrome when using the voice recorder.
    • Fix broken select user UI in object/container edit permissions tab.
    • Cleanup CSS selectors in request_read_account template.
    You must be logged in to read or post comments
Showing 21-25 of 93
First Previous Next Last

Login