Release Notes 2.6

What’s New

Improved Accessibility

Many aspects of accessibility have been improved. These include (but are not limited to)

  • Improved navigation via TAB control

  • Improved contrasts

  • More precise help texts

  • Consistent support for screen readers

ArcGIS Server indexing improvements

As of this version, you can configure the ArcGIS Server layer indexing more easily. A detailed description can be found under Indexing of ArcGIS Server layers.

Support for security response headers

The server-side setting of Security Response Headers is supported from this version onwards. These HTTP headers can help to prevent security vulnerabilities such as cross-site scripting, clickjacking, disclosure of information and much more.

A detailed description can be found in the section on the property security.responseHeaders.common.

Update Notes

If you skip several versions during the update, please also follow all update notes of the intervening versions.

Change of index scheme in core0

In core0 the index scheme has changed. If you want to migrate the indexed documents from your current smart.finder installation, follow the migration instructions for the version update.

New bundle sf_bootstrap

A new bundle sf_bootstrap has been added, which loads the basic components of smart.finder when the app starts. This bundle is necessary for the start of smart.finder.

  • If you are using a custom app that already contains one of the collection bundles (starting with sf_bundle-set_…​), you do not need to do anything further. The bundle sf_bootstrap is automatically loaded in this case.

  • If the app does not contain any of the collection bundles sf_bundle-set…​, please add the bundle sf_bootstrap to your app as shown in the following example:

    {
  "allowedBundles": [
    "sf_bootstrap",
    "..."
  ]
}

Discontinued Features

None.

Deprecated Features

  • The standalone client of smart.finder will be discontinued in one of the future versions.

  • The security.mode ONLY_AUTHN will be discontinued in one of the future versions.

Known Limitations

SNR-1030

[Accessibility] Implement accessibility in sf-resultcenter app

SNR-797

[Mobile] Support for mobile devices is limited

SNR-582

[Facet Search] Improve algorithm in order to be more consistent

Changelog

2.6.0

Fixed Security Issues

SNR-998

Fixed CVE-2024-22201

New Features and Improvements

SNR-838

[Accessibility] Scrolling the description text is not possible via keyboard control in result list

SNR-839

[Accessibility] Active sort attribute difficult to detect in result list

SNR-840

[Accessibility] Missing focus frame around "Back to result list" button on detail page

SNR-841

[Accessibility] Dialog loses its focus when switching between result list and detail page

SNR-843

[Accessibility] Search slot loses focus after query

SNR-844

[Accessibility] Voice output after entering a search term is not applicable

SNR-849

[Accessibility] Unnecessary tabbing on the preview graphic in the results list

SNR-850

[Accessibility] Detail page - when navigating the dialog loses its focus

SNR-851

[Accessibility] HTML markup of the title heading not correct

SNR-854

[Accessibility] Job manager - Screen reader does not render application name

SNR-858

[Accessibility] Result page and detail page not readable at zoom level 200%

SNR-860

[Accessibility] Collective ticket to sf-full-page result page

SNR-875

[Accessibility] Sort select box value on results-page can’t be read by Screen readers

SNR-878

[Accessibility] Harmonize tooltips and make them Screenreader readable

SNR-913

[Security] Support configuration of security response headers

SNR-972

[Indexing] Simplify mapping definitions for feature attributes

SNR-973

[Indexing] Use Managed Schema for dynamic index

SNR-983

[Apps] Clean up tiles on the start page

SNR-994

[Accessibility] Incorrect focus background colour in the facet panel

SNR-995

[Documentation] Add definition of QueryTemplates to SmartSearchStore

SNR-997

CVE-2024-36114: Update to aircompressor-0.27.jar

SNR-999

CVE-2023-51775: Update to jose4j-0.9.4.jar

SNR-1000

CVE-2024-22234: Update to spring-security-core-6.2.5.jar

SNR-1001

CVE-2024-29857: Update to Bouncy Castle 1.78

SNR-1002

CVE-2024-34447: Update to Bouncy Castle 1.78

SNR-1003

CVE-2024-22257: Update to spring-security-core-6.2.5.jar

SNR-1004

CVE-2022-36364: Update to avatica-core-1.23.0.jar

SNR-1014

[Indexing] Support wildcards and field exclusions

SNR-1017

[Accessibility] Content of the "Search tips" dialog is not read by screen reader

SNR-1018

[Accessibility] Service type not read by screen reader when navigating to result item in result list

SNR-1019

[Accessibility] Tools drawer menu not reachable with tab

SNR-1026

[Indexing] Optimize log message for (partially) empty title fields

SNR-1034

CVE-2024-38809: Regular expression Denial of Service in spring-web

Fixed Issues

SNR-979

[Documentation] Missing update notes entry in TOC

SNR-992

[Search] Query templates do not support wildcards and phrases

SNR-1009

[Search] Missing i18n for tooltip for search tips button in SearchUI