Release 2019.009 - HL Vanilla Community
<main> <article class="userContent"> <p><em>Release 2019.009 was first deployed to Vanilla Cloud on Wednesday, July 10th 2019</em></p><h2 data-id="moderationspam-queue-improvements">Moderation/Spam Queue Improvements</h2><p>The Moderation Queue and Spam Queue now display full user content, allowing for easier triaging.</p><p>Full post formatting is now displayed, including Images, GIFs, and Rich Embeds making moderation of your Vanilla Forum easier than ever!</p><p>Additionally the moderation toolbar now sticks the top of the page so you don't have to scroll back up to it to take action.</p><div class="embedExternal embedImage display-large float-none"> <div class="embedExternal-content"> <a class="embedImage-link" href="https://us.v-cdn.net/6030677/uploads/471/AQQYBYPQDSBJ.png" rel="nofollow noreferrer noopener ugc" target="_blank"> <img class="embedImage-img" src="https://us.v-cdn.net/6030677/uploads/471/AQQYBYPQDSBJ.png" alt="image.png" height="1390" width="2484" loading="lazy" data-display-size="large" data-float="none"></img></a> </div> </div> <h2 data-id="knowledge-base-analytics-support">Knowledge Base Analytics Support</h2><p>Knowledge base now supports Advanced Analytics with charts and tracking for the following data:</p><ul><li>Total articles added</li><li>Total "Helpful" reactions</li><li>Total articles updated</li><li>"Helpful" reactions by day</li><li>Top articles with the most "Helpful" reactions</li><li>Top users with articles having the most "Helpful" reactions</li><li>Top users who have created the most articles</li></ul><div class="embedExternal embedImage display-large float-none"> <div class="embedExternal-content"> <a class="embedImage-link" href="https://us.v-cdn.net/6030677/uploads/752/3SH9HBTGEX7L.png" rel="nofollow noreferrer noopener ugc" target="_blank"> <img class="embedImage-img" src="https://us.v-cdn.net/6030677/uploads/752/3SH9HBTGEX7L.png" alt="image.png" height="1358" width="2362" loading="lazy" data-display-size="large" data-float="none"></img></a> </div> </div> <h2 data-id="bug-fixes">Bug Fixes</h2><h3 data-id="rich-editor"><strong>Rich Editor</strong></h3><ul><li>Fix Rich Editor responding slowly in some browsers - <a href="https://github.com/vanilla/vanilla#/9012" rel="nofollow noreferrer ugc">vanilla#9012</a></li><li>Fix clicking on Rich Editor mentions being able to crash the editor - <a href="https://github.com/vanilla/vanilla/pull/9012" rel="nofollow noreferrer ugc">vanilla#9012</a></li><li>Fix Css bug when creating a spoiler - <a href="https://github.com/vanilla/vanilla/pull/9014" rel="nofollow noreferrer ugc">vanilla#9014</a></li></ul><h3 data-id="ideation"><strong>Ideation</strong></h3><ul><li>Fix 422 errors when making an api v2 call to /discussions -<a href="https://github.com/vanilla/internal/pull/1915" rel="nofollow noreferrer ugc"> support#548</a></li></ul><h3 data-id="subcommunities"><strong>Subcommunities</strong></h3><ul><li>Update Subcommunities to redirect discussions viewed from the incorrect subcommunity - <a href="https://github.com/vanilla/multisite/issues/213" rel="nofollow noreferrer ugc">multisite#213</a></li><li>Fix incorrect building of url when using subcommunities and hub/node together - <a href="https://github.com/vanilla/multisite/pull/214" rel="nofollow noreferrer ugc">multisite#214</a></li></ul><h3 data-id="mebox"><strong>MeBox</strong></h3><ul><li>Ensure users can view their own profile information even if they do not have the moderator level permissions to view other users personal information - <a href="https://github.com/vanilla/vanilla/pull/8993" rel="nofollow noreferrer ugc">vanilla#8993</a></li></ul><h3 data-id="search">Search</h3><ul><li>Fix Rich Post formatting while using search <em>without Advanced Search.</em></li></ul><h3 data-id="reporting"><strong>Reporting</strong></h3><ul><li>Fix broken format when reporting a post <a href="https://github.com/vanilla/internal/pull/1912" rel="nofollow noreferrer ugc">internal#1912</a></li></ul><h2 data-id="security">Security</h2><p>This release patches multiple medium severity security issues.</p><ul><li>Fix invitation limits not being enforced <a href="https://github.com/vanilla/vanilla-patches/issues/541" rel="nofollow noreferrer ugc">patches#541</a></li><li>Remove dynamic RemoteUrl detection code to fix XSS vulnerability <strong><em>(note: This could potentially be breaking change for sites that were improperly configured using a method deprecated 7 years ago) </em></strong>- <a href="https://github.com/vanilla/vanilla-patches/issues/585" rel="nofollow noreferrer ugc">patches#585</a></li><li>Fix potential security vulnerability in <code class="code codeInline" spellcheck="false" tabindex="0">serveFile()</code> method - <a href="https://github.com/vanilla/vanilla-patches/issues/581" rel="nofollow noreferrer ugc">patches#581</a></li><li>Fix Right to Left override character scrambling URL on leaving page - <a href="https://github.com/vanilla/vanilla-patches/issues/582" rel="nofollow noreferrer ugc">patches#582</a></li><li>Improper Access Control - API V2 media endpoint - <a href="https://github.com/vanilla/vanilla-patches/issues/545" rel="nofollow noreferrer ugc">patches#545</a></li><li>Fix Path disclosure - <a href="https://github.com/vanilla/vanilla-patches/issues/203" rel="nofollow noreferrer ugc">patches#203</a></li><li>Publish WordPress addon security fixes - <a href="https://github.com/vanilla/wordpress-vanilla/issues/31" rel="nofollow noreferrer ugc">wordpress-vanilla#31</a></li><li>Fix unprivileged setting of QnA status when adding or editing comments - <a href="https://github.com/vanilla/addons-patches/pull/33" rel="nofollow noreferrer ugc">addons-patches#33</a></li><li><br></li></ul><h2 data-id="developer-notes">Developer Notes</h2><p><strong>HTTP Headers</strong></p><p>Starting in this release, various internal infrastructure headers are no longer being used in the application and have been removed from <code class="code codeInline" spellcheck="false" tabindex="0">Gdn_Request</code> - <a href="https://github.com/vanilla/vanilla-patches/pull/574" rel="nofollow noreferrer ugc">patches#574</a>.</p><pre class="code codeBlock" spellcheck="false" tabindex="0">HTTP_X_FORWARDED_HOST HTTP_X_CLUSTER_CLIENT_IP HTTP_X_ORIGINALLY_FORWARDED_PROTO </pre><p><strong>TSLint -> ESLint</strong></p><p>Starting in this release the frontend codebase is now validated with ESLint instead of TSLint.</p> </article> </main>