Today's update (146d133) brings with it the follow changes:
Security issues
- Allow site administrators to set the CORS Access-Control-Allow-Origin HTTP header, allowing JavaScript applications on other sites access to data in Portfolio. The site configuration variable in question is named
http_access_control_allow_origin
. This was requested by the d-bok project.
Performance improvements
- The implementation of HTTP range requests for binary content allow the video and audio player to skip ahead in the stream, saving some bandwidth when users are only interested in a specific portion of the stream.
New features
- Support for HTTP range requests (RFC 7233) was added to all binary content served by Portfolio. The
thumbnail
, watermark
and wav2mp3
HTTP request handlers have ranged requests disabled, because the content is dynamically generated. This also means that normal voice recordings performed in the WAV format does not support range requests during playback, because it internally uses the wav2mp3
request handler. This is because some browsers don't support playback of WAV files using HTML5.
- Additional API documentation. All template handlers should now be documented. A significant portion of the HTTP request handlers have also been documented.
Enhancements
- Binary HTTP responses from Portfolio was refactored, which should give more consistent response in terms of caching behavior.
- Improved the readability of the legend text in the CEFR placement test usage report.
Bugfixes
- Google Chrome users were unable to seek in MP4 video files before the entire video file was cached locally and the page was reloaded. This should now work as expected.