The second milestone release of RichFaces 4.3 (4.3.0.CR2 ) has been released. This release candidate for the RichFaces 4.3 is an incremental release on top of the previous release candidate (4.3.0.CR1 ), providing a few bug fixes and documentation enhancements.
Behaviour change for
The RichFaces notify* components did not previously escape message content. This can lead to a security vulnerability in your applications, so we’ve changed the notify* components to escape message content by default, and provided the
attribute to disable escaping of the message content.
escape=falseattribute to achieve the same behaviour as in previous RichFaces releases.
We’ll again let RichFaces 4.3.0.CR2 bake in the community for a few days. Be sure to try it our with your applications and report any regressions you should come across that may have been overlooked by our QE team . We are aiming to have a final release out next week.