Khoros Community Classic 23.10 Release

BhuvanaM

Khoros Alumni (Retired)

2 years ago

Enhancements
Consent for Embedding and Viewing YouTube and Vimeo Videos
Developer Docs
Aurora Release Updates
You Found it! We Fixed it!
General fix
Accessibility fix

Enhancements

Consent for Embedding and Viewing YouTube and Vimeo Videos

To be further compliant with data privacy regulations, including GDPR, we've introduced an enhancement when uploading and viewing YouTube and Vimeo videos.

With this enhancement, interested customers can request their community members' explicit consent to use and store third-party cookies (from YouTube and Vimeo) to create and view posts containing YouTube/Vimeo videos. Once consent is given, preferences are stored for six months, eliminating repetitive consent requests. This consent applies to both YouTube and Vimeo, and the banner text is customizable for added flexibility.

Note: Contact support to enable this feature in your community.

Here’s how the consent form looks while uploading a YouTube or Vimeo video:

And here’s how the consent form looks when you want to watch a YouTube or Vimeo video:

Learn more about uploading videos to your community.

Learn more about Khoros cookies in our Khoros Cookies Data Sheet.

Developer Docs

The device_id field in the messages LiQL group has been changed to require the administrator role in order to meet the standards and requirements outlined in GDPR. While a device ID is not considered Personal Identifiable Information it is considered to be Personal Data under GDPR because it relates to an identified or identifiable person. Following this change in 23.10, the device_id field will only return data when the account has the administrator role.

Aurora Release Updates

Curious about what's happening with Community Aurora releases? Check out and subscribe to the Aurora Release Notes area to see all the progress and new features being released each month.

You Found it! We Fixed it!

General fix

Previously, after indexing, it was found that content was not displayed in spam, archives, and drafts. This issue is now fixed.
The issue where Admins never received a complete CSV export of User Reports (Admin > Metrics > User Reports) in their Private Message is fixed. Now, after the User Report is exported, the CSV file is automatically sent to the Admin’s inbox in Private Message.
After the recent EXIF data feature implementation, it was found that vertical images in Contest boards were rotated 90 degrees when a “Complete EXIF” is stripped. This issue is fixed. Now, vertical images successfully upload in Context boards on communities with EXIF data feature enabled.
Previously, members with the Basic HTML permissions set to “Grant” and the Embed third party content permission set to “Deny” could send private messages to other members that included an HTML tag with external content source. This issue is now fixed and the members receive an error message.
Previously, members were not able to upload, attach, or download .ioc files in their post. This issue is now fixed.
Previously, attackers could pass a member's user ID in the URL to Leave a Group Hub and remove the member from the Group Hub. This issue is now fixed. Instead of trusting the User ID in the URL request, we now validate it against the logged-in member’s User ID.
The issue when an admin runs a user sync using rest api connection is fixed. Now, an admin can run a user sync using REST salesforce API instead of REST API connection.
Previously, when an anonymous user made a LiQL query, the personal data like the device ID were exposed. This issue is now fixed. Now, when an anonymous user makes a LiQL query, the device ID is hidden.
The issue where a request to get an asset image failed as it did not exist in the cloud object storage is fixed. The fix is to handle the request and re-try uploading the asset from LIA (Khoros Classic Community) instead of going through the image service.
Previously, when members tried to attach .har files to a draft in the community, the file failed to upload and an error message was displayed that the .har content type does not match its file extension and the file has been removed. This issue is fixed. Now, members can successfully attach .har files while creating a new post or replying to a post in the community.
Previously, when the config related to “dynamic subject for replies” was enabled and members tried to move replies or inline replies of a discussion to another location, the subjects associated with the moved replies did not appear in the new location. This issue is fixed. Now, the replies that are moved to the new location include their subjects.
The issue where community admins were unable to migrate attachments and convert them to inline images by initiating image attachment migration process is fixed.
The issue where members failed to update custom settings via API V2 call for the community versions v22.11 or later is fixed.
Previously, attackers with social engineering techniques could use a malformed analytics survey URL to display custom messages and impersonate official community content. This issue is fixed. Now, the URL is validated and an error message is displayed if it contains invalid parameters.
The issue where members did not receive email notifications from the community when the Use Community Slack App permission was set to Grant by default is fixed.
Previously, when members enabled Receive email notifications for new private messages in the My Settings page and admin turned off the same option in the Profile Defaults, members were not receiving the email notifications for new private messages. This issue is fixed. Now, members receive email notifications even if the admins turn off the Receive email notifications for new private messages option in the Profile Defaults.
The issue where the LithiumSSOClient for .NET and Java used a lower version of BouncyCastle library which had some vulnerabilities is fixed. Now, the library is upgraded to the latest stable version.

Accessibility fix

The issue where the screen reader did not focus the table present under the pop up in the private message while performing keyboard navigation is fixed.

Updated 5 months ago

Version 7.0

communities classic

release notes

BhuvanaM

Khoros Alumni (Retired)

Joined April 29, 2022

View Profile

Release Notes

Review release notes and updates for all of our products! Select a tag to browse by product or resource type.

SudheeshN
Khoros Staff
12 months ago
Hi,

We are looking into this issue and it seems to be caused by a change that went in recently. We will update this thread as soon as the fix is identified.
luk
Boss
12 months ago
mdfw well, in the specific case we had to deal with the "original" (old) text key is:

form.SearchForm.field.messageSearchField.placeholder@page:ForumPage.<customQuiltName> = <YourPlaceholderText>
the new one that is not documented in the changelog is:
searchgranularitysearchbar.placeholder.text@page:ForumPage.<customQuiltName> = <YourPlaceholderText>
you can find the new textkeys by going to Studio > Text Editor > Advanced > Show Text Keys (do not navigate away from that page!) then go to the frontend, reload and you'll see the text-keys in "raw" form.

You either switch them out or duplicate the values you already had for the new text key(s).

The problem here is not really how to fix it, it's just a problem that breaking changes like that are just pushed into a release without any way of knowing about them and then we hopefully/accidentially discover them... IMHO such changes should only be done with a new Feature version, in this case for the "Search" feature of Khoros, which is currently at v3.4, a breaking change like this should be v3.5 with the appropriate documentation of what changed and what one should be aware of if a community is upgraded to that new version. That is not the case here as a breaking change is simply pushed into the current 3.4 version without anyone documenting it or communicating.
luk
Boss
12 months ago
BhuvanaM were there any not mentioned changes to text-keys, in particular for the OOB Khoros Search? We are seeing issues with customized text not being customized anymore with 23.10 while on 23.8 (e.g. prod) they are still fine, didn't touch anything, but the custom text is gone and the text-key changed, e.g. is now one that was never defined in our custom text...
VedanthY
Khoros Alumni (Retired)
12 months ago
Hi All,

Sharing an update, the fix is ready and will be deployed to communities on 23.10 in 1-2 days.
JasonHill
Boss
12 months ago
In the same boat as CarolineS. Could we please have an update?

Jason
mbiel
Expert
12 months ago
We are a bit confused too...
In our staging environment, we can see the changed textkey.
In our production environment we can still see the old version.
We haven't modified them, so the default is used.
Both instances run on 23.10.
mdfw
Genius
12 months ago
luk we are seeing the same issue. Hope we can get it resolved because the text they are using is not great.
EbbaArvén
Helper
12 months ago
We also have the same issue..
CarolineS
Boss
12 months ago
SudheeshN any updates on text keys?
CarolineS
Boss
12 months ago
VedanthY what about communities that aren't yet on 23.10? Our staging site is, and our production site is scheduled to be upgraded tonight. We have requested a pause of the deployment but haven't received confirmation that it will actually be paused.
If our deployment does happen tonight, it's not clear to me if the fix to the search text key will be in place or not.
I'm disappointed in the communication around this issue. It is a small thing, but rather visible. It seems like, once this was discovered, you would have reached out to affected communities and/or paused production deployments until the fix was in place across the board.