RichFaces 4.3.0.CR2 Release Announcement

Jan 25, 2013 12:00 AM, Brian Leathem [ Original post ]
Previous Next

RichFaces

The second milestone release of RichFaces 4.3 (4.3.0.CR2 ) has been released. This release candidate for the RichFaces 4.3 is an incremental release on top of the previous release candidate (4.3.0.CR1 ), providing a few bug fixes and documentation enhancements.

To try out this release: You can download the distribution directly , or for maven users, increment the RichFaces version in your pom.xml to 4.3.0.CR2. For more information on setting up a RichFaces 4 application, refer to our getting started guide .

Behaviour change for <rich:notify>

The RichFaces notify* components did not previously escape message content. This can lead to a security vulnerability in your applications, so we’ve changed the notify* components to escape message content by default, and provided the escape attribute to disable escaping of the message content.

If you previously had HTML content in your notify* components, you will need to add the escape=false attribute to achieve the same behaviour as in previous RichFaces releases.

Moving forward

We’ll again let RichFaces 4.3.0.CR2 bake in the community for a few days. Be sure to try it our with your applications and report any regressions you should come across that may have been overlooked by our QE team . We are aiming to have a final release out next week.