Release notes -- v2.208.1164 (since vhotfix-EL-5823)
Highlights
EL-5118 | Event hooks: JS event hooks should only be invoked based on its type
EL-5469 | Unified retrieval of hooks and parameters
EL-5465, EL-5235, EL-5265, EL-5370 New connector Coupa 11 resources with all cruds and 5 with getall and get get by id
- New connector Coupa 14 resources
EL-5449 - Disabled tryout Feature for PCI in-compliant resources
- Disabled tryout Feature for PCI in-compliant resources
EL-5161 | Sage 50 US Connector beta release
- We added the Sage 50 US connector to the Finance Hub—give it a whirl!
- Initially released as beta, as:
- Only bulk download is supported
- Events are not supported, but will be coming in the future
EL-4788 fixed filename empty in metadata bulk query
- Fixed issue with the name of the downloaded file when no file name is given
SLYT-1591 - Disabled CORS protection in the API server for disallowed origins
- The API server does not currently provide CORS protection; that is the responsibility of each client application using the API server
- However, the API server was returning CORS headers, e.g., the
Access-Control-*
headers on the HTTP response regardless of whether the providedOrigin
header on the request was allowed or not. This was inconsistent behaviour and provided guidance to client applications that CORS protection was perhaps supported by the API server. - Addressed this issue by ensuring that only allowed origins, currently none, will result in the HTTP response containing the
Access-Control-*
headers, else none of the CORS headers will be returned on the HTTP response.