Apache Wookie Release Notes =========================== See https://issues.apache.org/jira/browse/WOOKIE-* (where * is the number of the issue below) For more detailed information on significant changes, see NEW_AND_NOTEWORTHY Version 0.14 ============ BUGS FIXED ========== WOOKIE-403 ProxyServlet doesn't work well on chunked data WOOKIE-406 Widget redeploying fails on Windows WOOKIE-404 Server crashed after long wait, while reloading widget WOOKIE-405 Widget localization does not work WOOKIE-387 deploying flatpack to another wookie results in an error WOOKIE-382 Flatpack function returns wrong widget package WOOKIE-402 Package files are overwritten by updates WOOKIE-399 Twitter widget: public timeline no longer works WOOKIE-290 Widget templates not allowing content to be overwritten properly WOOKIE-386 HTML Hex-encoded unicode entities are incorrectly encoded in start files WOOKIE-44 Default widget returns js "error" when loaded into a browser IMPROVEMENTS ============ WOOKIE-360 Process all start files, not just specified locales WOOKIE-397 Improvements to assetPlayer Template WOOKIE-366 Update to the Walkthrough template and test widget NEW FEATURES ============ None Known Issues ============ * WOOKIE-222 - There is a known issue when using Tomcat 7.* with Wookie. Sometimes when a widget is actually loaded, a browser alert box sometimes appears informing the user of a "Session Error". This is caused by the DWR library used by Wookie for Comet-based widgets handling HTTP-only cookies incorrectly; Tomcat 7 uses HTTP-only cookies as the default setting to prevent cross-site scripting (XSS) attacks. A workaround is to add the following to the WEB-INF/web.xml file crossDomainSessionSecurity false Note that XSS prevention will still be in place in Tomcat 7; this just disables the additional mechanism implemented in DWR that conflicts with it. This is an issue for DWR 2.* with Tomcat 7.* (or earlier versions of Tomcat where useHttpOnly="true" is set.)