- Apigee Developer Services Portal Release Notes

On Monday, January 25, 2016, we released a new cloud version of Developer Services Portal.

If you have questions, go to Apigee Customer Support.

For a list of all Apigee Edge release notes, see Apigee Release Notes.

Bugs fixed

The following bugs are fixed in this release.

Issue ID Description

Detect, delete, and recreate invalid SmartDocs models at profile install
If the Weather or Petstore example SmartDocs model exists on the API Modeling backend during profile install, and if the current revision is invalid, a new revision is created before importing from WADL or Swagger.


API Product Role Access feature stopped functioning
If you delete an API product and then recreate it using an identical name but different captialization, the API Product Role Access feature will now continue to function.


Revert "me Aliases" patch to fix issue with Add App button
The patch to the "me Aliases" module which was added in release has been reverted. The patch caused the "Add App" button on the "My Apps" page to display a 404 Not Found error.


Trigger email when developer app is approved
When a developer app is approved on the Management UI an email to the developer is now triggered when the cron job is run.

Note: This update may case cause excessive server load when running cron jobs for organizations with a large number of developer apps.


Dev Portal settings autofill user passwords
The administration settings page under Configuration > Dev Portal now provides a flag that disables autofill of user passwords to prevent an administrator from accidentally changing the Edge connection settings.

Note: This flag may be overriden by the autofill settings enabled in the browser.


Swagger import with API key does not render lock icon
When you import a Swagger file with an API key security declaration, a lock icon will appear for each method.

Note: You will need to create a new model or reset the model's template in order to see this change.


Prevent XSS security vulnerability in Apigee Responsive theme
In order to address a cross-site scripting (XSS) security vulnerability, Apigee Responsive theme settings are stripped of HTML content. Only administrators have permission to modify the Apigee Responsive theme settings, so the vulnerability is low.

This fix applies to themes that are derived from the Apigee Responsive theme. However, if the derived theme adds text fields to the theme settings, ensure that the text is checked for HTML before presenting it to the user. For complete details, see the following Drupal article: Handle text in a secure fashion.


SmartDocs hangs brower when processing large JSON documents
If your API endpoints return excessively large JSON documents in response to a SmartDocs request, the browser may hang while the syntax highlighter JavaScript library (Prism) parses the entire document. In order to mitigate this issue, the syntax highlighter (Prism) can now be disabled on the SmartDocs configuration page.

Send feedback about...

Apigee Docs