|
Release date: Tuesday, 16th May 2023
Error when running the Design System Wizard with GAM Full Backend and Service Layer
Issue 12887
When having a summary step and executing the action 'Customize' over a step summary that contains a Grid, an error is shown when applying the Pattern.
Issue 12892
An error is shown when applying the Pattern when having a grid with conditional formatting and editing the property removing all the configured rows.
Issue 12895
When a list with Infinite scrolling contains a DetailWebComponet with another list in it, the grid does not work correctly after expanding a row and then scrolling down to fetch more records from the infinite scrolling.
Issue 12896
A security vulnerability has been found in the Export and Export CSV actions (that WorkWithPlus can automatically generate for List objects) when the Knowledge Base is not configured to use an External Storage Provider.
The files (XLSX and CSV) are generated in a public folder. This means that an external user without logging into the System can access it if they know or guess the link.
This vulnerability issue has been fixed in WorkWithPlus 15 Upgrade #1.8 (it can also be manually fixed in earlier versions if it is not possible to upgrade to that version: Resolve export to Excel and CSV vulnerability manually). From this version onwards, by default, the Export files will be saved in the following directories:
- For Java applications: <WEB_APPLICATION>\WEB-INF
- For Net and Net Framework applications: <WEB_APPLICATION>\PrivateTempStorage
There is a new procedure named WWP_GetDefaultExportPath that defines the directories mentioned before. And when this procedure exists in the KB, WorkWithPlus makes some modifications in the code of the Export in order to save the files in the location mentioned and access them without the vulnerability. In order to have this new procedure in the KB (and other objects needed) you need to run the Design System Wizard, without the need of making any changes to its properties:
If your KB had some value in the property 'Base Location' within WorkWithPlusSettings > Actions > Export and 'Base Location' of WorkWithPlusSettings > Actions > ExportCSV, WorkWithPlus won't change the location of your export files. So, you can check that the folder you set there is private, or set Empty to those properties so that WorkWithPlus uses this mechanism.
After fixing this issue, it is recommended to manually delete all previously generated xls and CSV files from production systems which are located in the following directories:
- For Java applications: <WEB_APPLICATION>\
- For Net and Net Framework applications: <WEB_APPLICATION>\PublicTempStorage
Issue 12898
If you have an application generated for Android, and you create a Panel based on a BC transaction for a list, it creates the screens for inserting, deleting, and updating data.
When wanting to delete a record in Android, when calling the .Delete() method of the Business Component variable, the record is not deleted and the application reloads, returning to the home screen.
As Workaround, the Business Component variable is loaded with .Load(&<PK_Name>) at the start of the TrnEnter button event with the following code.
If &TrnMode = TrnMode.Delete
&<Trn_Name>.Load(<&PK_Name>)
EndIf
Issue 12900
An error is thrown when running the Design System Wizard selecting the options GAM with Full Backend and 'Data Access' as Service Layer.
|