NEW A new setting has been added to disable email notifications for packages that are updated automatically. Although we believe it's important to receive notifications for automatic updates, we have made this feature available due to popular customer demand. This feature is enabled (true) by default and must be manually disabled. Future updates will not change this default setting to false.
IMPROVED The handling of regex in Script Blockers and Style Blockers was improved.
SECURITY UPDATE An XSS vulnerability has been discovered and fixed. This vulnerability is difficult for attackers to exploit as it requires an administrator to call the compromised log entry in the Borlabs cookie logs within 30 days. Previous data shows that attackers have attempted to perform SQL injections, but these have all failed. During the investigation, the XSS vulnerability and the possible attack scenario were recognised. All installations should therefore be urgently updated to version 3.1.4.
NEW A new setting has been added to disable email notifications for packages that are updated manually.
IMPROVED The **Library** now checks for updates once a day instead of twice a day. This reduces the number of email notifications.
IMPROVED The handling of nested **Shortcodes** has been improved.
IMPROVED The generation of database foreign key names has been improved.
IMPROVED The telemetry system was refactored to include the fetching of settings data regardless of the status of the telemetry option. This was done due to the need to monitor compliance with the IAB's TCF guidelines and to handle changes in browser behavior in relation to third-party cookies.
IMPROVED The instructions for removing email addresses related to email notifications have been improved.
ERROR RESOLVED Due to an error in the package update routine, this update resets the assigned service groups for the Google Tag Manager package according to our recommendations.
IMPROVED The option "**Automatic update**" has been extended by the option "**Patch versions**". The configuration of automatic updates is now only possible via the Borlabs Cookie dashboard. Due to a display issue with the automatic updates status in previous versions, this update now enables automatic updates by default. You can adjust this setting in the Borlabs Cookie Dashboard. This update also disables "**Debug Logging**", as some customers inadvertently enable this setting without understanding its purpose, leading to unnoticed database overflow.
IMPROVED Bots and crawlers no longer receive cookies from "**Cross Cookie Domains**" configured websites. We hope that this will also reduce the number of URLs collected by Google Search Console.
IMPROVED Websites with ridiculously long prefixes should no longer receive the `Identifier name ... is too long` error message.
ERROR RESOLVED Fixed error of uninitialized properties.
IMPROVED The option "**Automatic update**" has been extended by the option "**Patch versions**". The configuration of automatic updates is now only possible via the Borlabs Cookie dashboard. Due to a display issue with the automatic updates status in previous versions, this update now enables automatic updates by default. You can adjust this setting in the Borlabs Cookie Dashboard. This update also disables "**Debug Logging**", as some customers inadvertently enable this setting without understanding its purpose, leading to unnoticed database overflow.
IMPROVED Bots and crawlers no longer receive cookies from "**Cross Cookie Domains**" configured websites. We hope that this will also reduce the number of URLs collected by Google Search Console.
IMPROVED Websites with ridiculously long prefixes should no longer receive the `Identifier name ... is too long` error message.
ERROR RESOLVED Fixed error of uninitialized properties.
NEW The filter hooks `borlabsCookie/frontendResources/disableCssLoading` and `borlabsCookie/frontendResources/disableJavaScriptLoading` have been added.
NEW The JavaScript event `borlabs-cookie-after-init` has been added.
ERROR RESOLVED The loading of JavaScript modules in WordPress 6.5 has been changed and could lead to an error due to a WordPress polyfill. This error has been fixed.
NEW Added plugin integrity event. The event is executed every hour and calls the MigrationService to ensure that the system is in the desired state.
IMPROVED Update routine improved.
IMPROVED WP CLI command improved, added `--outdated` flag to `library list` command. All other flags that contained `_` have been changed and now use `-`.