The 17.6 Release includes the ability to enable Content Security Policy (CPS) for ActiveCast components, as well as additions to our FreeMarker and Community APIs.
- Important upgrade information
- New features
- API changes
- Announcement - EOL of Responsive skin beta versions
- You found it. We fixed it.
Important 17.6 upgrade information
As part of the 17.6 upgrade for APAC and North American customers, there will be a short period of downtime as we roll out new Redis clusters in our data centers. The expected downtime is less than 10 minutes. Your upgrade will be during your local, standard maintenance window.
If you have any questions about this release or our upgrade schedule, please contact Lithium Customer Support.
New features
Enable and configure Content Security Policy (CPS) for ActiveCast
Content Security Policy (CPS) is a security layer added to identify Cross Site Scripting (XSS) and data injection attacks and to lessen any damage caused by them. Prior to 17.6, customers using ActiveCast had to contact Lithium to enable Content Security Policy and whitelist domains allowed to syndicate ActiveCast components. We now allow you to configure this feature yourself.
Any domains whitelisted for your community previously will appear in the Community Admin > System, Content Security tab. If no domains are added, then ActiveCast components are rendered in an iframe and will not render on any domain.
API changes
In 17.6 we've released additions to the following APIs and deprecated a FreeMarker method.
Community v2 API
Note: Release-specific reference documentation for Community API v2 resources becomes available when the Lithium Community upgrades to the latest release version. The upgrade usually occurs one to two weeks after we announce that a new release is available. To view which version the community is running, go to https://community.lithium.com/status/version.
We've added support for:
- Create and Update actions on the Board resource
- A new Messages_Read resource
Create and Updated HTTP actions supported on the Board resource
We have made the Create and Update HTTP actions publicly available for the Board resource. See examples in the Board resource documentation in the Developer Documentation Portal.
Example POST
Required fields: conversation_style, id
POST /community/2.0/mytenantid/boards HTTP/1.1
Host: api.lithium.com
Content-Type: application/json
Cache-Control: no-cache
client-id: czY8mbW76Ac/Wz6+bAMhCm+sW5WSyhAO2odh28TB1/c=
{
"data": {
"type": "board",
"id": "DeveloperDiscussion",
"conversation_style": "forum",
"title": "Developer Discussions"
}
}
Example PUT
Required fieds: none
PUT /community/2.0/mytenantid/board/DeveloperDiscussion HTTP/1.1
Host: api.lithium.com
Content-Type: application/json
Cache-Control: no-cache
{
"data": {
"type": "board",
"description": "This is a place for developers to discuss Lithium APIs "
}
}
Messages_read collection
We have added the Messages_Read resource to the Community v2 API.
The message_read resource is used to mark a message read or unread. You can set the read/unread status of a single message, multiple messages, or an entire thread (topic and all child replies).
Example POST
Required fields (one of the following -- do not use these together in the same request):
- message_id - the ID of the message to mark as read/unread
- message_id - IDs of multiple messages to mark as read/unread
- topic_id - the topic ID of a thread (marks the entire thread as read/unread)
POST /community/2.0/mytenantid/messages_read HTTP/1.1
Host: api.lithium.com
Content-Type: application/json
Cache-Control: no-cache
client-id: czY8mbW76Ac/Wz6+bAMhCm+sW5WSyhAO2odh28TB1/c=
{
"data": {
"type": "message_read",
"mark_unread": "true",
"message_ids": "518, 659",
"user": "32"
}
}
FreeMarker
Get message ID from edit and reply pages
The Reply Page, Mobile Reply Page, and Edit Page now return a message FreeMarker context object. This enables you to get the ID of the topic message being replied to (for new replies) or the ID of the message being edited.
See the page.context.message documentation for more information.
Get user avatar details
We have added new methods to the user FreeMarker context object to get the avatar URL, width, and height for the user in context. The methods enable you to get URL, width, and height details for the default avatar size, as well as favicon, inline, print, and profile sizes. See the FreeMarker user context object for details.
Deprecated calls
We have deprecated the FreeMarker method:
utils.html.stripper.from.gdata.strip(String html)
We recommend using utils.html.stripper.from.owasp instead. See the utils FreeMarker context object documentation for details.
Announcement - EOL of Responsive skin beta versions
The beta program for the Lithium community platform's Responsive skin concluded at the end of July 2016 when the generally available release of the Responsive skin became available to all customers and communities. As a next step, all beta skins will be removed from the platform with our 17.10 release, currently scheduled for November 2017. If your community is using one of the beta skins at that time, the upgrade to 17.10 will trigger an upgrade to the latest release version of the Responsive skin. If you're currently using a beta version of the Responsive skin, please be sure you've take the appropriate steps to adopt and deploy the general release version of the skin in advance of this date. If you have questions or need assistance, please contact responsiveUpgrades@lithium.com.
You found it. We fixed it.
- We have fixed a bug that led Facebook Connect to stop working correctly after upgrading to 17.5. This fix has been backported to 17.5.
- We have resolved an issue where using the @modal directive in a custom component would not work properly. This fix has been backported to versions 17.3, 17.4, and 17.5.
- Resizing the TinyMCE editor in the Rich Text tab in edit and post pages now works as expected with Responsive skins.
- Comments on hidden images (images placed inside a hidden album) are no longer visible to anonymous users when viewing Print pages, such as the Blog Article Print Page.
- We have fixed styling in the Search Page so that labels on messages in the search results no longer look like a link.
Check out the previous 17.5 Release Notes.
