Version 2.020.28a was deployed to https://kf.kobotoolbox.org/ on Monday, 20 July 2020 at 01:00 UTC and to https://kobo.humanitarianresponse.info/ on Thursday, 9 July 2020 at 00:02 UTC.
Bugs Fixed
PR | Description | Related Issues |
---|---|---|
#2728 | Use the current, 64-character CSRF token cookie instead of any stale ones set by old versions of the application | #2717 |
#2725 | Revert change that enabled HttpOnly on the CSRF token cookie, since this caused CSRF errors in some circumstances and “offers little practical benefit”
|
#2588, #2589, #2717 |
kobotoolbox/kobocat#624 | Fix some 404 errors in the legacy photo gallery by stripping out extra tokens added to image URLs by the gallery JavaScript library | kobotoolbox/kobocat#623 |
Improvements
PR | Description | Related Issues |
---|---|---|
#2719 | Improve icon cache so that new releases do not require hard refreshes to display correctly | #2715 |
#2639 | Avoid a confusing error message when connectivity fails while editing permissions | #2341 |
#2608 | Display a better error message and title in the REST Services log when a submission has been deleted | #2470 |
#2720, kobotoolbox/kobocat#620 | Reduce session timeout to 1 week from the Django default of 2 weeks, for better security | kobotoolbox/tasks#336 |
kobotoolbox/kobocat#628 | Remove calls to MongoDB fsync , which is not available in all environments |
kobotoolbox/kobocat#627, kobotoolbox/kobo-docker#293 |