Today's update (977e443) brings with it the following changes:
Security issues
- The user self-registration form didn't have any protection against spambots. This caused unwanted user registrations to be added to the database. A captcha question was added to the form to block most naive robots.
Performance improvements
- Used a faster third-party package to perform URL escaping. This should improve performance slightly in a lot of situations.
Enhancements
- It is now possible to list all children of a container in read_container request handler and filesystem template function without checking permissions. You activate it by using a custom_init value of
show_all_children=1 on a container.
- The synthetic speech configuration was not kept when loading a new page. The configuration is now persisted for the lifetime of your browser session.
- The confirmation message you get when you send your CEFR placement test report now includes your own email address.
Bugfixes
- The template function link() was not resolving courses. This has now been fixed.