stSoftware October 2016 Release Notes


Take a look at what's new

Summary

  1. Performance enhancements
  2. Excel template for accessing ReST services 
  3. Screen expander
  4. Xero sync support added
  5. Fixed all XSS issues in core system identified by scans with https://www.tinfoilsecurity.com
  6. Fixed text expander 
  7. ReST sync fixed
  8. Upgrade of core components 
  9. ReST v7/class enhancements
  10. Other

Performance enhancements

  1. DBResult will page ahead for large record sets using a separate thread.
  2. Reduce logging of deprecated ReST calls (was once every call, now once a minute).
  3. No need to check if user "System" can access a record. It can always access a record.
  4. Always search by concrete fields first then derived fields.
  5. Search by the paths with the least steps first
  6. Use LargeLongArray instead of very large native long[] as the G1 garbage collector segments the heap into thousands of smaller heaps. A large native long[] array causes "stop the world" pauses.
  7. DBResult is now multi-thread safe.

Excel template for accessing ReST services

An Excel template for fetching data via ReST services can be downloaded here.

Screen expander

Pop-open windows will now automatically expand to the content size.

Xero sync

Invoices and contacts can now be automatically synced to Xero when created in ST.

Cross Site Script (XSS)

  • New validation on all text and string fields to make sure no character value falls within the illegal XML/HTML character range.
  • Special parameters are checked against the pattern of their expected values; if they do not match, a status 400 is returned.
  • Special parameters for controlling window flow are sanitized.
  • An automated unit test, which randomly injects standard attack strings into random screen parameters, has been added to the daily builds.
  • All search parameters are validated before the search is attempted.
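
The checks listed above, sketched as an added example (this is not stSoftware's code): a validator that rejects characters outside the XML 1.0 legal range and pattern-checks special parameters, plus a seeded injection test of the kind a daily build could run. The parameter names `SCREEN_ID`, `PAGE` and `RETURN_TO`, their patterns and the probe strings are assumptions constructed for illustration.

```java
import java.util.*;
import java.util.regex.Pattern;

public class ParamValidationExample {
    // Hypothetical special parameters and the pattern each value must match.
    static final Map<String, Pattern> SPECIAL = Map.of(
        "SCREEN_ID", Pattern.compile("[A-Za-z0-9_]{1,64}"),
        "PAGE", Pattern.compile("[0-9]{1,6}"),
        "RETURN_TO", Pattern.compile("/[A-Za-z0-9_.-]{1,200}"));

    // XML 1.0 "Char" production; everything outside it is illegal in XML.
    static boolean isLegalXmlChar(int cp) {
        return cp == 0x9 || cp == 0xA || cp == 0xD
            || (cp >= 0x20 && cp <= 0xD7FF)
            || (cp >= 0xE000 && cp <= 0xFFFD)
            || (cp >= 0x10000 && cp <= 0x10FFFF);
    }

    // Status the request should get: 200 to proceed, 400 to reject.
    static int validate(Map<String, String> params) {
        for (Map.Entry<String, String> e : params.entrySet()) {
            String v = e.getValue();
            // Applies to every field; lone surrogates and control characters fail here.
            if (!v.codePoints().allMatch(ParamValidationExample::isLegalXmlChar)) return 400;
            // Applies only to the special parameters.
            Pattern p = SPECIAL.get(e.getKey());
            if (p != null && !p.matcher(v).matches()) return 400;
        }
        return 200;
    }

    public static void main(String[] args) {
        // Constructed probe strings of the kind a scanner sends.
        String[] probes = { "<script>alert(1)</script>", "\"><img src=x onerror=alert(1)>",
                            "javascript:alert(1)", "ok\0" };
        List<String> names = new ArrayList<>(SPECIAL.keySet());
        Collections.sort(names);        // stable order, so the seed reproduces a failure
        Random rnd = new Random(2016);
        Map<String, String> good = Map.of("SCREEN_ID", "invoice_list", "PAGE", "2",
                                          "RETURN_TO", "/home.html", "NOTE", "free text & <b>");
        if (validate(good) != 200) throw new AssertionError("baseline request rejected");
        for (int i = 0; i < 1000; i++) {
            Map<String, String> req = new HashMap<>(good);
            String name = names.get(rnd.nextInt(names.size()));
            String probe = probes[rnd.nextInt(probes.length)];
            req.put(name, probe);
            if (validate(req) != 400) throw new AssertionError(name + " accepted " + probe);
        }
        System.out.println("all injected requests rejected with 400");
    }
}
```

The free-text `NOTE` field passes validation even though it contains markup, because the character-range check only removes characters that can never be legal; such fields still need output encoding when rendered.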

Text expander

The text expander has been fixed to expand the text box to 80% of the window width.


ReST v5/sync 

  1. ReST v5/sync has been enhanced to call v7/class
  2. Fix issue where one call setting the cursor size could leak over to a later call (because of thread pooling).
  3. de-duplicate paths parameter
  4. return status 400 for classes that don't record journal data
  5. Correctly handle classes that have fields/subclasses defined in different layers
  6. Scan the trans_data table instead of joining to trans_record 
  7. Removed the select overhead in isApplicable() method completely.
  8. Adjust page size to fit within desired maximum block time.

Upgrade of core components

  • Tomcat -> 8.0.38
  • ActiveMQ 5.14.1
  • Swagger UI 2.2.5

ReST v7/class enhancements

  • Fixed an issue found in v6/class when the _href is repeatedly followed from one call to v6/class to another.
  • Fixed an n! performance issue in v6/class when scrolling very large data sets (tested on a production 500k recordset); this is fixed by the cursor id which is passed back in the next parameter. The new ReST v7/class now supports cursors for scrolling very large datasets (500k+), plus setting the cache headers when a key & timestamp are passed.
  • Issue with v6/class where the transaction/layer part of the key passed to the class ReST service gets translated to a timestamp, and linked record keys are then returned with the maximum transaction for that record. When you then ask for the next record the process repeats, but the next linked records will be as of the timestamp of the second linked record.
  • Corrected handling of fetching records for classes without a primary key in v6/class.
  • Validate the parameters better to prevent 500 statuses in v6/class (400 instead).
  • Corrected support for cache headers (only set cache headers when archive is used).
  • Deprecated v6/class.

Other

  1. Don't use Archive for private database sites 
  2. heartbeat to check the last back up time. 
  3. fixed margin & alignment in member payment report
  4. new field Business:displayABN which correctly formats the ABN
  5. ReST to allow call timeout
  6. Handle guest sessions in server clusters. 
  7. Mask password in logs when failing to connect to an SFTP server.
  8. Check Integer overflow in ReST services. 
  9. Fixed file location to contain layer id.
  10. Fixed issue when searching for temporary rows (a performance issue, as the row will never be found).
  11. Retry connection to mail server. Suppress error message if retry succeeds.
  12. Removed unused GWT modules. All GWT modules are now deprecated and will be removed over time.
Tags: release XSS
