From: Artur Signell Date: Tue, 10 Apr 2012 20:12:57 +0000 (+0000) Subject: Removed old info and added mention of #4296 X-Git-Tag: 7.0.0.alpha2~97^2~1 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=a12bfcf94d0946e3e6166bed168bc6d8420f2509;p=vaadin-framework.git Removed old info and added mention of #4296 svn changeset:23425/svn branch:6.8 --- diff --git a/WebContent/release-notes.html b/WebContent/release-notes.html index f511774584..4574766ea9 100644 --- a/WebContent/release-notes.html +++ b/WebContent/release-notes.html @@ -43,8 +43,9 @@

-

Security fixes in Vaadin @version-minor@

-

Vaadin 6.7.0 and later incorporates fixes for the following security issues:

- - -

- These issues were discovered by Wouter Coekaerts (http://wouter.coekaerts.be/) and an internal review. - Immediate upgrade to a version containing the fixes (6.6.7 or later or 6.7.0 or later) is strongly recommended for all users. -

- -

- The most serious of these issues is the directory traversal attack that can allow read access to the class files of an application as well as some configuration information. -

- -

- If unable to immediately upgrade Vaadin to a version containing the fixes, the directory traversal vulnerability can be mitigated by not mapping the context path - "/VAADIN" to a Vaadin servlet in web.xml but instead deploying such static resources (themes and widgetsets) directly on the server and serving them as files. -

- -

- The other vulnerabilities typically require user actions (pasting text crafted by the attacker into the application or following a link crafted by the attacker) - for a successful attack, but may be exploitable more directly in certain applications. They can allow the attacker to control the user session for the application - in the browser. -

+

Enhancements in Vaadin @version-minor@

- SQLContainer -

-

SQLContainer connects your application to an SQL database using - JDBC. SQLContainer allows you to easily bind data stored in a SQL - database to Table and Select components, as well as edit the data - using Forms. Compared to many object-relational tools this provides - you with fast, low-level database access.

-

SQLContainer was previously distributed as an add-on and has - now been integrated into the framework.

-

- TreeTable -

-

TreeTable is an extended Table component that can show - hierarchical structures in its first column. Users can show or hide - children from a small icon before the actual column value in the - first column.

-

TreeTable is, similarly to Table, designed to scale well with - large number of rows by only sending the needed rows to the browser. - With the Collapsible Container extension, a developer can build the - data provider so that it does not consume too much memory on the - server side either.

-

- Chameleon Theme -

-

Chameleon Theme provides a completely new look and feel for - your application.

-

- The theme is built on top of the Vaadin Base theme and tries to keep - out of the way where appropriate, so small modifications are easy to - do with CSS. -

- The theme contains several different useful styles for many of the - basic components like big and warning for a Label. You - can even combine many styles together, like big warning -

- If the default color scheme does not suit your taste, feel free to - use the online color scheme editor at http://demo.vaadin.com to build a - customized theme.You can also change the base font size for the whole - theme with the same editor. -

- Note that the theme is intentionally simplified for some - browsers, most notably old Internet Explorer versions. -

-

-

- Notification now supports a plain text mode for its contents -

-

- OptionGroup now supports a HTML mode for the item captions -

-

- OptionGroup now supports item icons -

-

- MenuBar now supports a HTML mode for the item captions -

-

- ComboBox now supports scrolling using the mouse wheel -

-

- Table ColumnGenerator can now generate plain text in addition - to Components -

-

- TabSheet tabs can be styled individually -

-

- Button can be automatically disabled when clicked -

-

- Tree, Table and TreeTable support tooltips for - individual items or cells -

-

- Table and TreeTable now support GeneratedRows that can - be used for grouping or summary rows -

-

- TreeTable supports animation for expand and collapse - operations -

-

- TreeTable supports expand and collapse listeners -

-

- PopupDateField and InlineDateField now support time - zones -

-

- ComboBox can now be used as a replacement for NativeSelect -

-

- Audio and Video components implement support for HTML5 <audio> and <video> elements. -

-

- CDI can now also be used with @SessionScoped beans. -

-

- Sampler is no longer distributed as part of Vaadin @version@. - It will be available as a separate download -

-

- Book of Vaadin is no longer distributed with Vaadin @version@. - It is available as a separate download from http://vaadin.com/book -

-

- The full - details of the enhancements can be found at dev.vaadin.com. + TODO: Enhancements

+

TOdO: Enhancements.

Fixes in Vaadin @version@

-

- #7788 Field.setProperyDatasource() does not reflect value for 6.7.0
- #7479 Vaadin apps cannot current be deployed on IBM WebSphere v8
- #7724 TextField with PropertyFormatter did not repaint in 6.7.0 (event with requestRepaint() call)
- #7731 Javascript error when adding an item to an empty Table when setColumnWidth is used
- #7776 AbstractField don't respect value change events from property during commit
- #7778 Table rendering problem
- #6588 Repainting in TextChangeListener will send wrong value to client.
- #7720 TreeTable doesn't get refreshed if all entries are removed
- #7738 Slashes or backslahes in ApplicationResources URLs should not be encoded
- #7753 TreeTable gets into a state that causes internal error when getChildren throws an exception.
- #3710 Width is miscalculated for the footer layouts in forms of undefined size
- #7548 TestBench pressSpecialKey (arrows) doesn't work on Tree in IE6
- #7708 DragAndDropWrapper.setDescription("foo") does not work
- #7736 Logging level of SqlContainer is too high
- #7755 Debug window "highlight component" does not work with sub windows
+

+ TODO: Ticket list

The full @@ -254,21 +105,7 @@

Backwards incompatible changes in Vaadin @version-minor@

-

Table.ColumnGenerator.generateCell has been changed to return - Object instead of Component to enable generation of plain text.

-

Package names for SQLContainer, TreeTable and Chameleon Theme - java files have been changed from com.vaadin.addons.* to com.vaadin.*

-

-

If you have been using SQLContainer, TreeTable or Chameleon - Theme as add-ons, remove the add-on jars from the project.

-

The DOM structure of Forms without descriptions has changed, which means - that any TestBench scripts testing this kind of Form need to be updated. - If your tests start failing, subtract one from the index in the test script, - e.g. change -

VForm[0]/domChild[0]/domChild[3]
- into -
VForm[0]/domChild[0]/domChild[2]
- and your tests will pass again.

+

VerticalSplitPanel and HorizontalSplitPanel position is now a float instead of an int to enable defining an exact position when using percentages.

Vaadin @version@ dependencies

Vaadin uses GWT @gwt-version@ for widget set compilation. GWT can be