8.11

Last modified: September 18, 2023

8.11.1

Release date: July 23, 2020

Go to Marketplace

Fixes

  • We fixed an issue regarding the SameSite cookie policy. Now if addCookie is called on IMxRuntimeResponse the SameSite attribute is only set if the cookie is created with the attribute Secure.
  • Besides any cookies coming from the Runtime, the client manages two particular cookies: originURI and a test cookie that is used to reliably determine whether cookies are enabled in the browser. In line with the stricter default value for the SameSite cookie attribute (as enforced by the latest versions of Google Chrome and upcoming versions of Mozilla Firefox), we now set the SameSite attribute to None and the Secure attribute to true, in case the app is being served over https. For apps served over http, there are no changes.

Known Issues

8.11.0

Release date: July 7, 2020

Go to Marketplace

Improvements

  • We now support the SameSite property in HTTP cookies. It is set to None by default, but this can be changed in the custom settings.
  • The XPath contains, starts-with, and ends-with string functions are now case-insensitive in SAP HANA.
  • We upgraded the following JDBC drivers:
    • HSQLDB to version 2.5.0
    • PostgreSQL to version 42.2.14
    • Microsoft SQL Server to version 8.2.2
    • Oracle to version 19.6
    • MariaDB to version 2.6.0
  • Helpful information is now shown when a query timeout occurs during a cluster leader action.
  • We improved the look and feel as well as the styleability of reference selector and drop-down widgets for native mobile pages. To access the new versions, either set useUniformDesign: true or upgrade Atlas UI to the latest version.
  • When you select a page for the Show page activities in microflows/nanoflows, the context object will now be automatically filled in if there is only one candidate available.
  • Published OData services now allow clients to retrieve associated data using $expand.
  • We added the Highlight shown errors and warnings in the editor setting in the Preferences dialog box to enable or disable the highlighting of errors/warnings in the editor.
  • You can now use a listening data view inside a pluggable widget.
  • The Export documentation to file option now includes enumerations with a name and caption (in the default language) for each value.

Fixes

  • We fixed a rare issue where Studio Pro crashed when validating XPath constraints. (Ticket 100658)
  • We fixed a bug that prevented users from changing their own passwords. (Tickets 98303, 98732, 99392)
  • We fixed an issue where it was no longer possible to copy-paste tab pages.
  • We fixed a bug where users saw the mouse pointer on clickable containers, although those same users could not access the configured action. (Ticket 100744)
  • We fixed an issue in the Call REST service and Call web service activities where setting Timeout to empty gave an error pop-up window and it should have given a consistency error.
  • We fixed an issue where a data view with a conditional visibility expression that made it initially invisible prevented the entire page from loading. (Ticket 102053)
  • If the Errors pane was too small to display any errors, using the Go to Error List menu item on an element resulted in an error. This is now fixed.
  • Error/warning highlights in the microflow editor are now drawn at the correct scale when using a DPI setting other than 100%.
  • When you had a page with a lot of widgets and were moving to another page or the page was rebuilt because the data sources were returning different objects, this resulted in an error in the client. We fixed this and improved performance along the way. (Ticket 98603)
  • Pluggable widgets were sometimes showing an Unknown widget error in the client. This should no longer be the case.
  • If a custom widget could not be loaded, opening its properties dialog resulted in an error. This is now fixed.
  • We fixed a bug where synchronizing more than 999 objects with the Synchronize to device activity caused an error in an offline-first application.
  • We solved an issue where native apps became unresponsive after performing multiple navigation actions in one nanoflow. (Tickets 93927, 94302, 100808, 102203)
  • We fixed an issue with the parseInteger and parseDateTime functions. The default values are now allowed to be empty again. (Ticket 102398)

Deprecations

  • The constructor of RequestHandler that accepts an Object component as a parameter has been deprecated in the Runtime API. Use the no-arg constructor instead.

Known Issues

  • Users with non-administrative user roles with the permission to manage users are able to escalate their privileges. For more information on this vulnerability, see SSA-875726 Privilege Escalation Vulnerability in Mendix.
  • Cookies set by the client do not fully comply with the new requirements with regards to the SameSite attribute, which are being rolled out by Google Chrome (for more information on SameSite cookies, see SameSite cookies explained). Some users may experience problems opening their application when running locally and when using Chrome. (Ticket 104100)