Documentation Center

Fixed issues in 11.0.1 Web/App/Db Server

The following issues are fixed in version 11.0.2 of SDL LiveContent Architect compared to 11.0.1.

Security Enhancements

  • The web client pages delivered in Classic ASP were reviewed for various security vulnerabilities like cross-site-scripting, proper encoding of HTML, JavaScript and Urls. [TS-8637|TS-9287|TS-9362|TS-9286|TS-9294|TS-9295|TS-9296|TS-9297|TS-9358|TS-9359|TS-9360|TS-9361|TS-9363]
  • A successful login with an account part of the AuthExemptAccountList registry setting negates all successive password expiration rules of other users until the process recycles. AuthExemptAccountList is typically only used by customers that have build a content delivery on top of LiveContent Architect. [TS-9442|TS-9432]

PublishService

  • PublishService can handle various event types, not only EXPORTFORPUBLICATION. [TS-9305]
  • We adapted \ASP\XSL\EventMonitorMenuBar.xml to group some expected new publish event types under the Publish grouping. [TS-9305]
  • Publish to LiveContent Reach now normalizes the incoming boolean flag FPUBINCLUDECOMMENTS when publishing. This should allow Display draft comments in publication. [TS-8303|TS-9475]
  • Publish to LiveContent Reach for a publication with a branched version number (e.g. 1.4.1) used to result in a Reach identifier like LiveContentPub-v1.4.1. On 11.0.0 and 11.0.1 more strict character filtering was done to avoid Reach encoding problems, therefor publishing resulted in an identifier without dots like LiveContentPub-v141. We restored the earlier branch version number behavior with dots. To avoid legacy conversion problems where you potentially loose comments, the system will re-use existing Reach publications created with either identifier system by verifying its metadata. The following characters will be filtered out: / (slash), \ (backslash), : (colon), * (star), ? (question mark), ' (single quote), < (less than), > (greater than), | (pipe), & (ampersand), + (plus), # (hash), % (percent) and " (double quote). [TS-9484|TS-9452]
  • Publish post processing received a fix for better local <xref> handling in file ISHPublUtil.vbs. An <xref> with landing point inside the same file will no longer result in TopicId#AnchorId but only #AchorId. [TS-9282|TS-9478|SRQ-2709]
  • Publish post processing received a fix in file FeedSDLLiveContent.ps1 to stop potential infinite looping when publishing a single topic to LiveContent Reach. On most environments Reach is not set up to handle single topic publish requests, which resulted in a configuration error like Remote::GetPublicationMetadata -> gave error: Exception calling "GetMetadata" with "2" argument(s): "The parameter lngRef with value "0" is invalid. Zero is not allowed as valid value." at line 538 position 5. With this fix, such a request should now end with error number -20005 which holds message "Publishing command raised error: Configuration error, missing publication information. Remember that content object publishing is not configured for this output format."

Database

  • Creation script ISH_CreateTables.sql for new Microsoft SQLServer databases is now update to be on par with the upgrade scripts. [TS-9273|TS-9477]

Secure Token Service - Authentication and Authorization

  • When using a web browser to InfoShareSTS, so LiveContent Architect as your identity provider, the system returned you the message Incorrect credentials or no authorization when actually your password was expired. This expiration is controlled through registry entry AuthMaximumPasswordAge expressed in days which defaults to no expiration. In the web client you will now receive a more distinct message reading Your password has expired. Please enter a new password or contact your system administrator. [TS-9465|TS-9433]
  • InfoShareSTS will now always show a "Change Password" hyperlink which allows you to change your password, even when expired. [TS-9440|TS-9466|SRQ-2882]

Other

  • SolrLucene running in either 32-bit or 64-bit mode runs our of resources (memory, transaction time out,...) when the Crawler service passes an xml file of size 5Mb for xml-aware indexing. Out-of-the-box SolrLucene is configured to parse any incoming xml using SolrLucene field " XMLCONTENT" for xml-aware queries. To improve stability and performance, the Crawler service received an optional setting that will make the service no longer pass xml files over a certain size to the " XMLCONTENT" field. You will still have metadata searching, also the text of the xml file will be searchable - you will only no longer be able to query using the xml-aware syntax (e.g. -<indexterm>). To enable the skipping of xml having a size of over 1000000 bytes, activate HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Trisoft\Tridk\TridkApp\InfoShareBuilders\CrawlerCatalogMaxCharsXMLCONTENT expressed in bytes (e.g. 1000000) and restart the Crawler service(s). [SRQ-2696|TS-9292|TS-9320|TS-9321]