SECURITY UPDATE An XSS vulnerability has been discovered and fixed. This vulnerability is difficult for attackers to exploit as it requires an administrator to call the compromised log entry in the Borlabs cookie logs within 30 days. Previous data shows that attackers have attempted to perform SQL injections, but these have all failed. During the investigation, the XSS vulnerability and the possible attack scenario were recognised. All installations should therefore be urgently updated to version 3.1.4.
NEW A new setting has been added to disable email notifications for packages that are updated manually.
IMPROVED The **Library** now checks for updates once a day instead of twice a day. This reduces the number of email notifications.
IMPROVED The handling of nested **Shortcodes** has been improved.
IMPROVED The generation of database foreign key names has been improved.
IMPROVED The telemetry system was refactored to include the fetching of settings data regardless of the status of the telemetry option. This was done due to the need to monitor compliance with the IAB's TCF guidelines and to handle changes in browser behavior in relation to third-party cookies.
IMPROVED The instructions for removing email addresses related to email notifications have been improved.
ERROR RESOLVED Due to an error in the package update routine, this update resets the assigned service groups for the Google Tag Manager package according to our recommendations.
IMPROVED The option "**Automatic update**" has been extended by the option "**Patch versions**". The configuration of automatic updates is now only possible via the Borlabs Cookie dashboard. Due to a display issue with the automatic updates status in previous versions, this update now enables automatic updates by default. You can adjust this setting in the Borlabs Cookie Dashboard. This update also disables "**Debug Logging**", as some customers inadvertently enable this setting without understanding its purpose, leading to unnoticed database overflow.
IMPROVED Bots and crawlers no longer receive cookies from "**Cross Cookie Domains**" configured websites. We hope that this will also reduce the number of URLs collected by Google Search Console.
IMPROVED Websites with ridiculously long prefixes should no longer receive the `Identifier name ... is too long` error message.
ERROR RESOLVED Fixed error of uninitialized properties.
IMPROVED The option "**Automatic update**" has been extended by the option "**Patch versions**". The configuration of automatic updates is now only possible via the Borlabs Cookie dashboard. Due to a display issue with the automatic updates status in previous versions, this update now enables automatic updates by default. You can adjust this setting in the Borlabs Cookie Dashboard. This update also disables "**Debug Logging**", as some customers inadvertently enable this setting without understanding its purpose, leading to unnoticed database overflow.
IMPROVED Bots and crawlers no longer receive cookies from "**Cross Cookie Domains**" configured websites. We hope that this will also reduce the number of URLs collected by Google Search Console.
IMPROVED Websites with ridiculously long prefixes should no longer receive the `Identifier name ... is too long` error message.
ERROR RESOLVED Fixed error of uninitialized properties.
NEW The filter hooks `borlabsCookie/frontendResources/disableCssLoading` and `borlabsCookie/frontendResources/disableJavaScriptLoading` have been added.
NEW The JavaScript event `borlabs-cookie-after-init` has been added.
ERROR RESOLVED The loading of JavaScript modules in WordPress 6.5 has been changed and could lead to an error due to a WordPress polyfill. This error has been fixed.
NEW Added plugin integrity event. The event is executed every hour and calls the MigrationService to ensure that the system is in the desired state.
IMPROVED Update routine improved.
IMPROVED WP CLI command improved, added `--outdated` flag to `library list` command. All other flags that contained `_` have been changed and now use `-`.
NEW Borlabs Cookie 3.0 is no longer in beta! Hooray!
NEW Language Dutch added.
NEW Language French added.
NEW Language Italian added.
NEW Language Polish added.
NEW Language Spanish added.
NEW Language switcher added. Within the Dialog the visitor can switch to another language. Requires a plugin for multilingualism or Multisite Network.
NEW WP-CLI support added.
NEW Default Service Group Unclassified added.
NEW AdBlocker warning within the backend of Borlabs Cookie. Informs the user that some files of Borlabs Cookie are blocked by the AdBlocker.
NEW Plugin URL setting added. The settings now include a configurable URL for the Borlabs Cookie plugin. This is necessary if a plugin for multilingualism is used and each language uses its own domain.
IMPROVED IAB TFC related: The gdpr_consent is now also added to img tags.
IMPROVED Minor adjustment to the telemetry system, always sends information about installed packages.
IMPROVED The CSS class `borlabs-cookie-open-dialog-preferences` can now be set to an anchor element.
IMPROVED Iframe detection improved.
IMPROVED Content Blocker can now be used within AJAX requests.
IMPROVED Many minor improvements.
ERROR RESOLVED The color of the Content Blocker link was not set correctly.
