Production Release Notes - Version v2.208.1166

Release notes -- v2.208.1166 (since vhotfix-EL-5823)

Highlights

EL-5118 | Event hooks: JS event hooks should only be invoked based on its type

EL-5469 | Unified retrieval of hooks and parameters

EL-5465, EL-5235, EL-5265, EL-5370 New element Coupa 11 resources with all cruds and 5 with getall and get get by id

  • New element Coupa 14 resources

EL-5449 - Disabled tryout Feature for PCI in-compliant resources

  • Disabled tryout Feature for PCI in-compliant resources

EL-5161 | Sage 50 US element beta release

  • We added the Sage 50 US element to the Finance Hub, give it a whirl!
  • Initially released as beta as:
  • Only bulk download is supported
  • Events are not supported, but will be coming in the future

EL-4788 fixed filename empty in metadata bulk query

  • Fixed issue with the name of the downloaded file when no file name is given

SLYT-1591 - Disabled CORS protection in the API server for disallowed origins

  • The API server does not currently provide CORS protection; that is the responsibility of each client application using the API server
  • However, the API server was returning CORS headers, e.g., the Access-Control-* headers on the HTTP response regardless of whether the provided Origin header on the request was allowed or not. This was inconsistent behavior and provided guidance to client applications that CORS protection was perhaps supported by the API server.
  • Addressed this issue by ensuring that only allowed origins, currently none, will result in the HTTP response containing the Access-Control-* headers, else none of the CORS headers will be returned on the HTTP response.