mojoPortal 2.3.5.4 is now available on our download page.
This is a compatibility update for the changes in ASP.NET that resulted from the security patch recently released by Microsoft and now available from Windows Update. I blogged about this issue previously and provided a workaround for the compatibility issue, this new release eliminates the need for the workaround.
Before the security update, there was a possibility for a System.Security.Cryptography.CryptographicException when decrypting the role cookie if the machine key had changed and the user was already authenticated. We already had error handling for this error, but after the security update the behavior changed and it would throw a more generic HttpException there which we were not handling, and this would cause users who were previously authenticated to experience an error until they cleared the cookie. Even without a machine key change, the same error could happen if a user was authenticated before the windows update was applied, the error could happen for that user after the update was applied (because there were also changes to how cookies are encrypted in the security update) In this release we have added handling for the new more generic exception so the cookie will be reset if this error occurs and the user will not experience an error on your site.
We've also removed the previous workaround for the ASP.NET security issue since it is not needed after the update is applied.
Other Changes
Thanks to Steve Railsback of Colorado State University we have some new CSS that can be used to add images to the Administration menu. It uses some Crystal Icons which are licensed under LGPL. I've updated many of the included skins that ship with mojoPortal to use the new icons, you can easily add them to your skin by adding this to your style.config file:
<file cssvpath="/Data/style/adminmenu/style.css" imagebasevpath="/Data/style/adminmenu/">none</file>
It will transform the admin menu from a plain looking vertical list to a list of images with hover effects like this:
This release also has:
- upgrade to CKeditor 3.4.1
- upgrade to TinyMCE 3.3.9.2
- updated Italian resource files thanks to Diego Mora
- fixed a bug where menu items that were configured as unclickable were still clickable in the breadcrumbs
I'd also like to point out a new article in the skinning documentation written by Steve Land, Using Wireframe Skins. Steve has shared a skin he designed to solve the problem of how to keep your discussions with clients focused on functionality when you need to. It is a very common issue that the customer can easily get side tracked onto colors and other visual aspects which is fine if you are trying to discuss the design but distracting if you are trying to focus the discussion on functionality or other non-design aspects of the site. The wireframe skin can help with this because it is designed to not be distracting and to clearly represent that the design is not what is being shown. Please let Steve know if you find his wireframe skin useful if there is interest he might make more variations.
Follow us on twitter or become a fan on Facebook