17.03.06.00 - Apigee Developer Services Portal Release Notes

On Monday, March 6th, we began releasing a new cloud version of Developer Services Portal.

Bugs fixed

The following bugs are fixed in this release. This list is primarily for users checking to see if their support tickets have been fixed. It's not designed to provide detailed information for all users.

Issue ID Description
DEVSOL-2401 Update contrib modules to pick up Views security fix
The following contrib modules were updated to latest stable:
  • Captcha
  • LDAP
  • Media
  • Views (security update)
  • Views Bulk Operations
  • Views Slideshow

The following theme was updated to latest stable:

  • Bootstrap
DEVSOL-2386 Enable iframes in Media Browser window
In cloud release 17.02.21.00, the X-Frame-Options header was set to DENY for all pages (out-of-the-box, Drupal defaults to SAMEORIGIN for this header). While this resulted in hardening the security of the Drupal product as a whole, it also broke some functionality, most notably the Media Browser which allows embedding of media from the media library in rich-text edit fields. The X-Frame-Options header is now reverted to SAMEORIGIN. Those requiring this header's value to be DENY should consider installing and configuring the Security Kit and Security Kit Override modules.
DEVSOL-2384 Analytics is not working: Highcharts is not defined
A bug was fixed in which the JavaScript assets of the Highcharts graphing library may not have been included correctly for sites which serve aggregated JavaScript. This would have affected the developer app performance pages.

Additionally, if serving Highcharts assets via a CDN is undesirable, there is a new configuration option which allows customers who have uploaded a copy of Highcharts to /sites/all/libraries to serve those assets locally instead.