Apache Wookie Release Notes =========================== See https://issues.apache.org/jira/browse/WOOKIE-* (where * is the number of the issue below) For more detailed information on significant changes, see NEW_AND_NOTEWORTHY Version 0.10.0 ============== Bugs Fixed ========== * WOOKIE-167 - Gallery icons for bondi camera & geolocation are missing * WOOKIE-322 - Policies API only validates the origin, not the scope or directive * WOOKIE-15 - Companion document links * WOOKIE-149 - Sudoku widget not working correctly Improvements ============ * WOOKIE-327 - Make widget metadata returned by the REST API more consistent with W3C Widget Config.xml, remove confusing IDs * WOOKIE-263 - Remove deprecated "Services" and related functionality * WOOKIE-320 - Allow GET of Widget to support download of the original .wgt package * WOOKIE-319 - Add DELETE and PUT to /widget API * WOOKIE-318 - Change POST to /widgets to upload, parse and return error messages rather than just drop into /deploy * WOOKIE-324 - POSTing a widget to wookie should return its config.xml metadata * WOOKIE-314 - Filter license headers when concatenating HTML template files * WOOKIE-331 - Move API Keys from the database into a configuration file * WOOKIE-294 - Generalise all templates * WOOKIE-326 - Extend the Java Connector * WOOKIE-317 - Create documentation on how to create/generate wookie release artifacts * WOOKIE-334 - Adding PUT and DELETE to proxify * WOOKIE-330 - Make the Java connector backwards-compatible * WOOKIE-328 - Create "demo widget" capability without requiring rest of the web UI * WOOKIE-19 - Write server admin guide * WOOKIE-321 - Add functional test cases for Policies API * WOOKIE-20 - Conform to the LC W3C Widget API specification * WOOKIE-333 - Creating IntelliJ code style and code template files New Features ============ * WOOKIE-262 - Create non-UI administration client and capabilities * WOOKIE-227 - Implement OpenAjax hub 2.0 Known Issues ============ * WOOKIE-222 - There is a known issue when using Tomcat 7.* with Wookie. Sometimes when a widget is actually loaded, a browser alert box sometimes appears informing the user of a "Session Error". This is caused by the DWR library used by Wookie for Comet-based widgets handling HTTP-only cookies incorrectly; Tomcat 7 uses HTTP-only cookies as the default setting to prevent cross-site scripting (XSS) attacks. A workaround is to add the following to the WEB-INF/web.xml file crossDomainSessionSecurity false Note that XSS prevention will still be in place in Tomcat 7; this just disables the additional mechanism implemented in DWR that conflicts with it. This is an issue for DWR 2.* with Tomcat 7.* (or earlier versions of Tomcat where useHttpOnly="true" is set.)