The ARender team presents version 4.8.8 of ARender.

Multiple major security fixes have been added to this release: we highly recommend all our customers to update to this version!

Evolution:

‣ JSAPI - Regroup pages on virtual documents automatically 

• Automatically regroup the document pages directly with the Documentbuilder
  • Technical detail: load the document with a descriptor file (JSON) and regroup pages in virtual documents, in the order of your choice.
  • Documentation:
    • https://docs.arender.io/feature/documentbuilder/
      
      • See the chapter: Use custom document builder layout
    • https://docs.arender.io/apis/javascript/documentbuilder-js-api/
      • See the chapter: Custom document builder layout

• • Use case example:
    • Each page of a document represents different types of documents (ID Card, Driver's license, ...)
    • The Artificial Intelligence (AI) identifies the document type of each page,
    • The AI result is converted to the ARender JSON format,
    • The Document is opened in ARender with the thumbnail directly regrouped in virtual documents representing each identified type.
    • It is also possible to add a dropdown list to let the user correct the AI to set the right document type among the list.

‣ Content Security Policy (CSP)

• Improve ARender to support strict CSP configurations.

‣ Stamp

• A stamp with the user name has been added to the default stamp catalog of ARender

Fixes:

‣ UI Security fixes

• Multiple major security fixes have been added to this release.
  
  • We highly recommend all our customers to update to this version.
  • For more information on the issue please contact our support team at arender-support@arondor.com

‣ UI fixes

• Fix an issue when some specific emails were not opened due to a CSS style tag in the HTML content,
• Fix an issue when the zoom Adjust to width did not display the entire page for a document in landscape orientation,
• Fix an issue on Internet Explorer when the double click did not work to enter in the annotation edition mode
  • It happened only when the property annotation.richtext.edition.doubleClick was enabled.

‣ FileNet connector fix

• Fix an issue when the cache was not distributed correctly between multiple ARender HMI
  • It happened only when the FileNet documents were loaded with XML descriptors.
    • More information on this feature:
      • https://docs.arender.io/connector/filenetp8/ (see the chapter: POST and IBM FileNet ARender plugin - xmlDescriptor)

‣ Rendition fixes

• Fix an issue when the extracted text by the Rendition module was incorrect.
• Fix an issue when the HEIC format was not supported under Redhat 7.2 OS.
• Fix an issue when the font size of text notes was too small for PDF with high DPI.
• Fix an issue when the image in specific emails was truncated.
• Fix an issue when the opening of a PDF with specific headers failed.
• Third parties and their license are now listed at the installation.

Documentation:

‣ Rendition documentation

• Third parties are now listed and documented.

Known issues:

• The download of document with FDF annotations feature should not be used along with the Redaction.

Technical release note:

Hazelcast upgrade

A major change happened and will probably cause some issues related to your integration/connector: Hazelcast version upgrade from 3.x (3.12.12) to 4.x (4.2) in ARender Web-UI (HMI/Previewer).

The main reason why we upgraded the Hazelcast version is to have both components (HMI/Web-UI/Previewer and Rendition) use the same Hazelcast version but also because of one of the fixes done to resolve an issue with our FileNet connector.

Since it's a major version upgrade, there is a high chance that there are some breaking changes done in Hazelcast.
You have a couple of solutions to resolve that : 
- Upgrade the Hazelcast version from 3.x to 4.x to match the version used in ARender Web-UI (HMI/Previewer) and adapt the connector accordingly
- Exclude the Hazelcast used by ARender Web-UI if you don't use the ARender Hazelcast cache in the Web-UI component (the default cache used is Ehcache).

Enhanced security

A new property on the Rendition side (Broker) has been created to allow a certain set of URLs/Domains for the document opening. We have now 2 different properties, one for documents from a file system path and one for documents from a web URL : 

# Authorized documents paths with comma-separated
authorized.paths=../../samples/,../samples/,../../tmp/,../tmp
# Authorized URLs with comma-separated
authorized.urls=

For instance, with these properties, we only allow documents from the relative folder ../../samples/, ../samples/, ../../tmp/ and ../tmp/, and do not allow any documents from URLs.

Sticky note fix

A fix has been fixed on a Sticky Notes font size display issue when downloading PDFs with annotations.

# Enable adaptative font size for sticky note annotation
annotation.stickyNote.adapt.font.size.enabled=false

Document Builder enhancement

As described at the beginning of this release note, this new feature allows you to customize the structure of the DocumentBuilder at its opening. Three properties have been added 
for this feature :

# Enable the saveAll button
documentbuilder.button.saveAll.enabled=false
# Activate the cross button to delete the document in the document builder
documentbuilder.button.document.removal.enabled=true
# Activate the red cross button to remove a page in the document builder
documentbuilder.button.page.removal.enabled=true

For more details, see the following link: https://docs.arender.io/feature/documentbuilder/