close

Filter

loading table of contents...

Release Notes / Version 10.2107

Table Of Contents

CoreMedia Content Application Engine

Removed SettingsServiceFilter

Removed class com.coremedia.blueprint.cae.settings.SettingsServiceFilter . Either use the settings service Spring bean or use the FreeMarker settings functions instead.

(CMS-10328)

Made CAE SameSite Cookie strategy configurable

The config options prefixed cae.cookie control the CAE's behavior when sending cookies. It is now possible to configure the value of the SameSite attribute and whether or not to force all cookies to Secure and HttpOnly . By default the same site strategy is None and cookies are forced to Secure and HttpOnly .

(CMS-18595)

cae.hashing.secret changed from max length 32 to min length 32

The secret 'cae.hashing.secret' configured in CaeSecretConfigurationProperties, which is used for URL parameter hashing changed from max length 32 to min length 32.

(CMS-18518)

Single and bulk resource patterns and TTLs for cache control in live CAE have been fixed

The single resources pattern for the cache control configuration in live CAE didn't have any effect because of too many escape characters in the pattern. This has now been fixed. Furthermore, the bulk resource pattern has been improved to not mix up with the single resource pattern, and both cache TTL values for these pattern have been increased to 365 days. Please be aware that with this AMP release the cache control TTLs might change, if you use the default settings.

(CMS-18368)

Removed the JSP settings taglib functions

Removed JSP settings functions bp:setting and bp::settingWithDefault . Use model beans accessing the settings service instead.

(CMS-16974)

Reworked CORS configuration / replaced livecontext.crossdomain.whitelist

The configuration of CORS (Cross-Origin Resource Sharing) for the CAE has been reworked. It is now configured using the cae.cors.\* configuration properties (see public API). The properties cae.preview.crossdomain-whitelist and livecontext.crossdomain.whitelist have been removed. They are replaced by cae.cors.allowed-origins-for-url-pattern\ {path:.*} .

Follow Section, “Reworked CORS configuration / replaced livecontext.crossdomain.whitelist” for upgrade information.

(CMS-16714)

Search Results

Table Of Contents