Today, we are pleased to install XenForo 1.4.6. This release fixes a number of bugs and issues that were found since the release of 1.4.5. As this is a maintenance release, the vast majority of the focus was an increase in stability.
However, they have improved our login brute force mitigation system to not only limit login attempts per user but to also place temporary blocks on entire IP addresses if they fail to login too many times.
This release also brings their use of the Facebook Open Graph API up to version 2.0. Although you will not see any noticeable difference, it does ensure that the Facebook integration will continue to work after they officially end support for version 1.x of the API. In addition to this mostly behind-the-scenes change, they have also removed the Facepile and Recommendations box from various templates as these Facebook plugins are now deprecated and due to stop working in June.
Some of the bugs fixed in 1.4.6 include:
This release follows their principle that third-point (x.x.X) releases should always be more stable than the preceding version, so for the most part you will not find new features in this release. Major new features will be reserved for second point versions (x.X.x).
However, they have improved our login brute force mitigation system to not only limit login attempts per user but to also place temporary blocks on entire IP addresses if they fail to login too many times.
This release also brings their use of the Facebook Open Graph API up to version 2.0. Although you will not see any noticeable difference, it does ensure that the Facebook integration will continue to work after they officially end support for version 1.x of the API. In addition to this mostly behind-the-scenes change, they have also removed the Facepile and Recommendations box from various templates as these Facebook plugins are now deprecated and due to stop working in June.
Some of the bugs fixed in 1.4.6 include:
- Add limits to the number of images being fetched by the image proxy simultaneously and add more strict limits to time outs and retrieval speed.
- Allow a character set to be specified in the SMF importer.
- Fix an off-by-one style error with the flood check that could allow multiple requests through in a 1 second window.
- On the customized components page, only revert items matching the filter.
- Remove deprecated Facebook social buttons and convert to use the HTML5-style versions.
- Fix an issue where Chrome would not re-focus the editor properly when opening a menu.
- In the editor, update the current button state using the browser APIs when backspacing.
- Load external JS/CSS when opening the smilie menu.
- When running the spam cleaner, stop redirecting when not checking IPs.
- Dynamically change whether fixed overlays are used based on the overlay height (when loaded).
- Properly number format user upgrade costs
- account_external_accounts
- member_list
- member_notable
- member_warn
- news_feed_page
- news_feed_page_global
- PAGE_CONTAINER
- quick_navigation_menu
- register_facebook
- report_view
- share_page
- sidebar_share_page
This release follows their principle that third-point (x.x.X) releases should always be more stable than the preceding version, so for the most part you will not find new features in this release. Major new features will be reserved for second point versions (x.X.x).