Difference between revisions of "Upgrade Guide v2.5"

From ADF Docs
Jump to: navigation, search
(Enable the CSRF Safe Mode for local ajaxProxy requests)
(Current Version)
(19 intermediate revisions by the same user not shown)
Line 2: Line 2:
 
Follow the guide below if you are upgrading to ADF v2.5.
 
Follow the guide below if you are upgrading to ADF v2.5.
  
  '''IMPORTANT:''' ADF 2.5 can only be used with CommonSpot 10.6.1 or 10.5.2 or above.
+
  '''IMPORTANT:''' ADF 2.5+ requires CommonSpot 10.6.1 or 10.5.2 or above.
  
Before upgrading, please review the [http://community.paperthin.com/projects/ADF/docs/release-notes/Release-Notes-v2-5-0.cfm v2.5 Release Notes]
+
Before upgrading, please review the [http://community.paperthin.com/projects/ADF/docs/release-notes/Release-Notes-v2-5.cfm v2.5 Release Notes]
  
 
If you are upgrading from a version earlier than ADF v2.5, then please follow the guides for previous ADF versions:
 
If you are upgrading from a version earlier than ADF v2.5, then please follow the guides for previous ADF versions:
Line 45: Line 45:
 
## 2.5.0
 
## 2.5.0
 
# Upgrade was successful and you are running the ADF v2.5.
 
# Upgrade was successful and you are running the ADF v2.5.
 
 
  
 
== Post-Upgrade Steps ==
 
== Post-Upgrade Steps ==
  
 
=== Enable the CSRF Safe Mode for local ajaxProxy requests ===
 
=== Enable the CSRF Safe Mode for local ajaxProxy requests ===
ADF 2.5's new security enhancement, "ajaxProxy CSRF Safe Mode" disabled by default. This is to allow developers an opportunity to update their ADF and ADF App ajaxProxy related customizations, before enabling the CSRF attack prevention validation.
 
 
If your site is only using out of the box ADF and ADF Applications then you should enable the "ajaxProxy CSRF Safe Mode" immediately after upgrade.
 
 
# In your '''ADF.cfc''' in the /_cs_apps/ folder in your site root, add the following line:
 
enableADFcsrfSafeMode(true);
 
 
For a new ADF installs, update the line enableADFcsrfSafeMode(false); found in your site's /_cs_apps/ADF.cfc file, from "false" to "true" (see above).
 
 
If your site has custom code which uses the ADF's ajaxProxy for local requests before you can enable "ajaxProxy CSRF Safe Mode", using the steps above, you will need to add the CSRF_Token parameter and the method call to get the CSRF_token value to your ajaxProxy calls. Once the "ajaxProxy CSRF Safe Mode" is enabled, the CSRF token key/value pair is required to be passed along with the local request as either a Data or URL parameter, otherwise your ajaxProxy requests will not validate and fail.
 
 
CSRF_Token as a Data parameter (using a jQuery.post):
 
<source>
 
jQuery.post("#application.ADF.ajaxProxy#",
 
{
 
  bean: 'dataService',
 
  method: 'getData',
 
  CSRF_Token: '#application.ADF.csSecurity.getCSRF_Token()#'
 
}
 
</source>
 
 
  
CSRF_Token as a URL parameter (using a jQuery.get):
+
* Once your site is ready Enable [[ADF AjaxProxy CSRF Safe Mode]] (for ADF 2.5 and above only!)
<source>
 
jQuery.get("#application.ADF.ajaxProxy#?bean=dataService&method=getData&CSRF_Token=#application.ADF.csSecurity.getCSRF_Token()#")
 
</source>
 
  
  WARNING: Enabling the "CSRF Safe Mode" without using the ADF 2.5 ready apps or updating custom ajaxProxy local calls will limit functionality
+
  '''WARNING''': Enabling the "ADF CSRF Safe Mode" without installing ADF 2.5 compatible Apps or without updating all custom ajaxProxy local requests will greatly limit functionality!
  
 
=== Register ADF Scripts as CommonSpot Resources ===
 
=== Register ADF Scripts as CommonSpot Resources ===
  
# Register the ADF Script Resources with CommonSpot (for ADF 2.0 and above only!)
+
* Register the ADF Script Resources with CommonSpot (for ADF 2.0 and above only!)
## Run the [[Register All Scripts|Register ALL Scripts]] tool.
+
** Run the [[Register All Scripts|Register ALL Scripts]] tool.
  
  '''IMPORTANT:''' The ADF thirdParty scripts libraries will not function when using ADF.scripts_2_0 loadScripts calls unless
+
  '''IMPORTANT:''' The ADF thirdParty scripts libraries will not function when using ADF.scripts_2_0 loadScripts calls unless they are registered as Resources in CommonSpot 10.x.  
they are registered as Resources in CommonSpot 10.x.  
 
  
 
<!--
 
<!--
Line 112: Line 85:
 
* Any site level override ADF Lib components located in the "_cs_apps/lib/" folder will need to be renamed and the component "extends" updated to point to the latest version of the matching ADF Lib components.
 
* Any site level override ADF Lib components located in the "_cs_apps/lib/" folder will need to be renamed and the component "extends" updated to point to the latest version of the matching ADF Lib components.
  
  Example: "_cs_apps/lib/scripts_1_1.cfc" needs to become "scripts_2_0.cfc" and the extends value in the component tag
+
  Example: "_cs_apps/lib/scripts_1_1.cfc" needs to become "scripts_2_0.cfc" and the extends value in the component tag will need to point to "ADF.lib.scripts.scripts_2_0"
will need to point to "ADF.lib.scripts.scripts_2_0"
 
  
 
=== Update Custom App Lib Component References ===
 
=== Update Custom App Lib Component References ===
 
* Update any ADF Lib component references in your custom ADF Apps to the latest versions of the matching ADF 2.0 Lib components in the App's appBeanConfig.cfm file (in the root of the App directory).
 
* Update any ADF Lib component references in your custom ADF Apps to the latest versions of the matching ADF 2.0 Lib components in the App's appBeanConfig.cfm file (in the root of the App directory).
  
  Example: "addConstructorDependency(appBeanName, "scripts_1_2", "scripts"); " needs to become
+
  Example: "addConstructorDependency(appBeanName, "scripts_1_2", "scripts"); " needs to become "addConstructorDependency(appBeanName, "scripts_2_0", "scripts");"
"addConstructorDependency(appBeanName, "scripts_2_0", "scripts");"
 
  
 
== Related Guides ==
 
== Related Guides ==

Revision as of 00:08, 6 October 2020

Current Version

Follow the guide below if you are upgrading to ADF v2.5.

IMPORTANT: ADF 2.5+ requires CommonSpot 10.6.1 or 10.5.2 or above.

Before upgrading, please review the v2.5 Release Notes

If you are upgrading from a version earlier than ADF v2.5, then please follow the guides for previous ADF versions:

Previous ADF Upgrade Guides

Upgrade

Follow the steps below to upgrade the ADF directory:

  1. Download the ADF v2.5 from the Community site project page.
  2. On your server, rename the "/ADF/" directory to "/ADF-2.4.1/".
  3. Create a new "/ADF/" directory. Setup any necessary security or permissions for the new "/ADF/" directory.
  4. Export the download ADF zip folder into the "/ADF/" directory.
  5. Copy the contents of the "/ADF-2.4.1/apps/" directory into the "/ADF/apps/" directory.
  6. Reset the ADF through the web browser with the following URL parameter:
    1.  ?resetADF=1

Note: If you have security permissions on the "/ADF/" directory make sure to set them up because the folder was renamed and then created new.

Validate Upgrade

There are 2 methods to validate the ADF upgrade.

ADF Reset

  1. Reset the ADF through the web browser with the following URL parameter:
    1.  ?resetADF=1
  2. The reset command will add text to the top line of the page. If you see the following text with the date/time stamp:
    1. ADF v2.5 has been reset successfully!
  3. Upgrade was successful and you are running the ADF v2.5.

ADF Version Output

  1. In the browser, add the following URL parameter:
    1.  ?ADFDumpVar=application.ADF.version
  2. This command with output the ADF version at the top of the page. If you see the following text:
    1. 2.5.0
  3. Upgrade was successful and you are running the ADF v2.5.

Post-Upgrade Steps

Enable the CSRF Safe Mode for local ajaxProxy requests

WARNING: Enabling the "ADF CSRF Safe Mode" without installing ADF 2.5 compatible Apps or without updating all custom ajaxProxy local requests will greatly limit functionality!

Register ADF Scripts as CommonSpot Resources

  • Register the ADF Script Resources with CommonSpot (for ADF 2.0 and above only!)
IMPORTANT: The ADF thirdParty scripts libraries will not function when using ADF.scripts_2_0 loadScripts calls unless they are registered as Resources in CommonSpot 10.x. 


Update Site Level Override Components

  • Any site level override ADF Lib components located in the "_cs_apps/lib/" folder will need to be renamed and the component "extends" updated to point to the latest version of the matching ADF Lib components.
Example: "_cs_apps/lib/scripts_1_1.cfc" needs to become "scripts_2_0.cfc" and the extends value in the component tag will need to point to "ADF.lib.scripts.scripts_2_0"

Update Custom App Lib Component References

  • Update any ADF Lib component references in your custom ADF Apps to the latest versions of the matching ADF 2.0 Lib components in the App's appBeanConfig.cfm file (in the root of the App directory).
Example: "addConstructorDependency(appBeanName, "scripts_1_2", "scripts"); " needs to become "addConstructorDependency(appBeanName, "scripts_2_0", "scripts");"

Related Guides

CommonSpot Registered Resources