- News
- Details
This release fixes an unfortunate bug introduced in JCE 2.0.18 which would produce errors in Image Manager, File Manager etc. caused by incorrect paths created for images, files etc.
In addition, following some early reports of strange cursor issues in CodeMirror2, the Source Code view has reverted to using CodeMirror1 until these issues can be resolved.
For a full list of changes and bugs fixed see the Changelog
- Details
Initially intended as a quick maintenance release to fix a few small issues with the new UTF-8 file name support and to address some upload issues, this release quickly snowballed into something more substantial, and now includes 15 fixes, 2 changes, 2 new options and a security update.
Security Updates
File / folder name cleanup has been improved following the move to full UTF-8 support with better detection of UTF-8 names and invalid character removal, and detection of invalid extensions has also been fixed. For this reason updating to JCE 2.0.18 is recommended for all users.
New Options
Still on the subject of websafe file and folder names, an option has been added to the Editor Parameters (in the FileSystem section) to set the websafe "mode" - name cleanup / detection can now be set to the default UTF-8 or ASCII, the latter will convert UTF-8 Latin characters into their ASCII equivalents, eg: ö will be converted to o.
The JCE MediaBox Popups options now include a new Parameter widget to easily add custom parameters to the Mediabox, eg: wmode for flash files (see below)
Codemirror2
The Source Code view has bee upgrade to use CodeMirror2 which generally improves the stability (and in future) features of the editor. This upgrade comes with a quicker loading time and some new themes.
Bugs Fixed
Thanks to everyone who reported issues and helped find solutions to the problems in one way or another. Notable bug fixes include issues in Pasting, fixes for Content and Menu links created by the Link Browser, a fix for upload issues in Firefox and a fix for 403 errors in the Source Code view.
For a full list of changes and bugs fixed see the Changelog
- Details
Ok, so barely a week has gone by since the 2.0.16 release, and here we are again. Admittedly, this has got something to do with a git revert mistake which resulted in an important fix that was supposed to be included in the previous release being left out. As I couldn't replicate the bug myself it slipped through the net...
The good news is that the bug - which would cause the Source Code view to "crash" - is now fixed. In addition to this, a few new bits have been added :
- UTF-8 file name and URL's are now supported
- The Directory Path in the File Browser is now clickable - you can change directories by clicking on the folder name - see the image below.
For a full list of changes and bugs fixed see the Changelog
- Details
This release fixes a bug with Vimeo support which would result in Vimeo popups opening in a new window. In addition, all of JCE MediaBox's javascript files are now merged into a single compressed file (uncompressed source files are still included in the package).
For users who have been using JCE MediaBox since prior to 1.0.10 (releases 1.0.0 to 1.0.9) it may be necessary to remove the twitter.js and/or twitter-src.js files in plugins/system/jcemediabox/addons/
A full changelog is available here
- Details
This release includes a number of bug fixes some administration improvements and some new security features.
Administration changes
The administration layout has been improved to better support RTL languages. This is part of an ongoing project to provide full RTL support throughout the editor.
Joomla! 1.7 ACL support has been improved (including a small fix related to the omission of the admin rule). Control Panel icons and items in the Options dialog will now respect the ACL settings.
The "support" links (Forum, FAQ, Documentation, Tutorials) in the Control Panel jave been merged into one link item.
New Security Parameters
Joomla! 1.5 and 1.7 both provide a Text Filter option for the Article Manager that, by default, removes applet,body,bgsound,base,basefont,embed,frame,frameset,head,html,id,iframe,ilayer,layer,link,meta,name,object,script,style,title,xml elements, as well as the action,background,codebase,dynsrc,lowsrc attributes. It is sometimes necessary to disable this filtering function for some user groups in order to insert media elements, scripts or iframes. Unfortunately fine-grained configuration with different filtering options for different user groups is not currently possible.
JCE Profiles are prefect for setting up specific configurations for different components, usergroups or users. This could allow for a more precise approach to element and attribute filtering using the Prohibited Elements, Prohibited Attributes and Extended Elements parameters (it will be necessary to have the Cleanup HTML option enabled and the Editor Toggle option disabled)
A Prohibited Elements parameter has existed existed for some time, with a limited default element list. This has been expanded in JCE 2.0.16 to include the full default list used by the Joomla! Text Filter. The difference here is that if you have certain plugins installed or options activated, the affected tags are automatically removed from the list, eg: with the Media Support option activated and the Allow Object and Allow Embed parameters enabled will remove the object and embed tags from the Prohibited Elements list. You can remove any of the other tags by adding them to the Extended Elements list (see below - the applet and frameset elements are allowed by adding them to the Extended Elements list)
A Prohibited Attributes parameter has also been added. This allows you to set a list of attributes that cannot be set for any element. This parameter supports a simple regular expression syntax, eg: on([a-z]+) will remove all event attributes such as onclick, onmouseover etc.
I will be publishing a tutorial soon on JCE 2.0.16 security tips.
For a full list of changes and bugs fixed see the Changelog
Page 49 of 77