by Dongbo Zhang, Sr. Software Engineer
In Uniface, we utilize the Xerces library to implement various XML reading and parsing functionalities, such as xmlload, xmlvalidate, xmlToStruct, and UXMLREADER components. This update introduces several improvements and crucial security enhancements to these functionalities. In this blog post, we will provide an overview of the key changes and emphasize the importance of upgrading to the latest version.
· Enhanced Security
The latest patch includes an updated version of the Xerces library. This patch addresses critical and high severity security issues that exist in previous versions. Security is our top priority, and we are committed to providing a secure environment for your valuable system and data assets. This update is a significant step in providing you with a secure Uniface environment.
· Clearer Error Messages
We understand the frustration you may feel when you see a cryptic error message. In this latest patch, we’ve revamped the error and exception messages generated by the Xerces library. This means that when an issue occurs, the new error messages recorded in the $procerrorcontext variable provide more precise and informative details.
For example, when calling xmlValidate on an invalid XML stream, previously you would get $procerrorcontext being set to an error message like: "ADDITIONAL=Xml validation error: Unknown element 'Book'". And now, the error message will look like: "ADDITIONAL=Xml validation error: no declaration found for element 'Book'."
· Enhanced Functionality and Bug Fixes
The latest version of Xerces includes several bug fixes to eliminate software defects and improve overall stability. It also enhances specific functionalities in line with XML standards. This ensures that Uniface products seamlessly integrate with other components in your ecosystem, providing enhanced performance and compatibility. By upgrading, you can take advantage of these improvements and enjoy a more reliable experience with our Uniface product.
For example, suppose you are performing schema validation on an XML document that includes an empty element. This element is defined as 'nillable' in the schema, meaning it allows for empty values. However, the element is also defined with a specific type, such as xsd:date, which does not accept empty values. In this scenario, the latest version of Uniface correctly identifies this mismatch and generates a validation error, such as "invalid date value".
Additionally, if you are working with an XML document/stream that lacks proper namespace prefix declarations, the latest version of Uniface detects this issue and generates a validation error.
We highly recommend that you upgrade your Uniface deployment to take advantage of these valuable updates.
If you have any questions or concerns, please visit our online documentation portal at https://docs.rocketsoftware.com/bundle/uniface_104/page/wqy1665702521491.html. Additionally, we invite you to join the Uniface forum at https://community.rocketsoftware.com/forums/uniface, where you can engage with our community, ask questions, and share your experiences.
Thank you for your continued trust in our product. We are committed to providing you with the best possible software experience, and this update is a testament to that commitment. Upgrade today and unlock the full potential of Uniface.