CMSB v3.58 Beta 1 (Feb 13, 2023)

4 posts by 2 authors in: Forums > CMS Builder
Last Post: March 27, 2023   (RSS)

By Dave - February 13, 2023

Hi everyone, 

We've just released v3.58 beta 1.  This is mostly a maintenance release. 

  • We've resolved some additional warnings and issues with PHP 8.1
  • We've made some improvements to performance and error reporting

Some additional items from the changelog:

  • Security: Added .htaccess code to prevent it from being loaded in a frame (to prevent clickjacking)
  • Developer Log: Optimized memory usage to prevent memory limit errors when listing many error records
  • Performance: Optimized getRecords() to load results faster in many cases (by replacing SQL_CALC_FOUND_ROWS)
  • Programmers: getEvalOutput() now returns errors instead of halting execution. See function header for details

You can download the latest beta here:  https://www.interactivetools.com/order/download.php

Please post any feedback, questions, or bugs you find! 

Thanks! :) 

Dave Edis - Senior Developer
interactivetools.com

By Codee - March 25, 2023

Hi Dave,

Dave wrote: "

  • Security: Added .htaccess code to prevent it from being loaded in a frame (to prevent clickjacking)

To prevent "what" from being loaded in a frame? My concern is on many sites I utilize Google's code for embedding Youtube videos...which is a frameset...and I'd prefer not to break those if possible.

Thanks

By Dave - March 27, 2023

Hi Codee, 

It prevents the CMS from being loaded in a frame on another domain.  It shouldn't prevent you from loading content from other domains in frame.

But if you ever need to disable it just #comment out these lines in /cmsb/.htaccess

# Prevent clickjacking attacks - comment this out if you need to display the cms in a frame
<IfModule mod_headers.c>
  Header set X-Frame-Options "SAMEORIGIN"
  Header set Content-Security-Policy "frame-ancestors 'self'"
</IfModule>

Hope that helps!

Dave Edis - Senior Developer
interactivetools.com