<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
Folks,<br>
<br>
I have just released a new beta 6.04-1.<br>
The main feature of this is I have overhauled the "Request a
drop-off" page, and added date/time pickers so you can set precise
start and end times for the request to be valid.<br>
<br>
If you have a "Content-Security-Policy" header defined in your
Apache config, that will need updating to allow "data:" URLs for
images.<br>
Fortunately I have written a tool to do that for you, and it is now
run as part of "upgrade".<br>
<br>
For more details, and how to download it, please see the beta page
at<br>
<a class="moz-txt-link-freetext" href="https://zend.to/beta">https://zend.to/beta</a><br>
<br>
*PLEASE* can you test the "request a drop-off" page on your
favourite browsers, and tell me if it all looks okay, or if it
doesn't. I've tried about 11 different browsers on 3 platforms, but
that's only a sample.<br>
<br>
The full Change Log for this beta is:<br>
- Overhauled the "request a drop-off" page.<br>
- Added new feature to requests: you can now set a start and end
date+time. Outside those times, the request won't work.<br>
- Fixed bug where admins logging in via SAML would not see
statistics button in main menu. Alternative workaround is to list
'authAdmins' users in 'authStats' as well.<br>
- Changed 'Content-Security-Policy' header definition in Apache
config. Exact change is to replace "img-src *" with "img-src data:
*", then restart Apache. Otherwise the date/time picker in the
"Request a Drop-off" form will not display correctly.<br>
- Subject in new drop-off form can now only be edited if you are
logged in.<br>
- Fixed bug in unlock-user to get all the reporting correct, and fix
and improve logging. Thanks Marlon!<br>
- Improved "upgrade" command so it warns you if you have *.rpmnew or
*.dpkg-dist files in your templates dir that you need to move into
place by hand, as you had modified the previous versions.<br>
- Improved "upgrade" command so it checks you have a
'Content-Security-Policy' header definition in your Apache config
for the https ZendTo site. And if so, adds "data:" to the list of
valid sources of images. Otherwise the date+time pickers in the
"request a drop-off" page will look messed up. If it doesn't find
the header definition at all, it suggests the change you need to
make.<br>
<pre class="moz-signature" cols="72">Jules
--
Julian Field MEng CEng CITP MBCS MIEEE MACM
IMPORTANT: This email is intended for the use of the individual
addressee(s) named above and may contain information that is
confidential, privileged or unsuitable for overly sensitive persons
with low self-esteem, no sense of humour or irrational religious
beliefs. If you are not the intended recipient, any dissemination,
distribution or copying of this email is not authorised (either
explicitly or implicitly) and constitutes an irritating social faux
pas.
Unless the word absquatulation has been used in its correct context
somewhere other than in this warning, it does not have any legal
or no grammatical use and may be ignored. No animals were harmed
in the transmission of this email, although the kelpie next door
is living on borrowed time, let me tell you. Those of you with an
overwhelming fear of the unknown will be gratified to learn that
there is no hidden message revealed by reading this warning backwards,
so just ignore that Alert Notice from Microsoft.
However, by pouring a complete circle of salt around yourself and
your computer you can ensure that no harm befalls you and your pets.
If you have received this email in error, please add some nutmeg
and egg whites, whisk and place in a warm oven for 40 minutes.
<a class="moz-txt-link-abbreviated" href="http://www.Zend.To">www.Zend.To</a>
Twitter: @JulesFM
</pre>
</body>
</html>