1.7.14
collectiveaccess
released this
24 Jan 04:57
·
118 commits
to master
since this release
Version 1.7.14 is a maintenance release with these bug fixes and minor improvements:
- Add checks to prevent potential XSS and CSRF security vulnerabilities
- Handle non-standard ports when generating URL for background search indexing
- Update selected 3rd party libraries for bug fixes
- Improve script path parsing to addresses issues for systems running PHP-FPM proxies where quick search expressions containing spaces (or other URL escaped characters) will throw an invalid controller error when "full results" is selected. This is due to a bug in PHP processing of content for $_SERVER['SCRIPT_NAME'] in several PHP 7.x versions when running as PHP-FPM. See https://bugs.php.net/bug.php?id=74129.
- Fix issue where CSRF token was not passed when creating sets from search and browse results
- Improved cs_CZ translation
- Add support for localized numeric metadata values
- Fix for issue where hierarchical browse would not include parents for relevant children in some cases
Note that this version is not yet compatible with PHP version 8. Please use versions 7.3 or 7.4.