Jquery Update
Permalink
Good afternoon,
We are looking for an update on when Concrete 5 will be updated to the latest Jquery Version. (3.4.1). We have pen tested our site which has highlighted that our website has vulnerability issues due to it being on jqery version 1.12.4
Please can you advise on when we can expect this to be rectified
Kind Regards
We are looking for an update on when Concrete 5 will be updated to the latest Jquery Version. (3.4.1). We have pen tested our site which has highlighted that our website has vulnerability issues due to it being on jqery version 1.12.4
Please can you advise on when we can expect this to be rectified
Kind Regards
What I tend to do is run my Front-end site on a newer version, and then just hide that when logged in as an admin - that way the public facing code can use whatever version you want.
<?php $u = new User(); $adminGroup = Group::getByName('Administrators'); if (!$u->inGroup($adminGroup)) { ?> <script src="https://code.jquery.com/jquery-3.4.1.min.js" integrity="sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo=" crossorigin="anonymous"></script> <?php } ?>
That can work when you don't have a community of registered users.
Sites that depend on communities of registered users will have dashboard dependencies, so any visitor only use of a newer jQuery would be wasted.
Sites that depend on communities of registered users will have dashboard dependencies, so any visitor only use of a newer jQuery would be wasted.
Yep agreed, this is for public facing code only.
https://www.concrete5.org/about/roadmap...
Or, you could try simply swapping out the core jquery version for the newer one. However, this may possibly break some functionality. The file is located at /concrete/js/jquery.js.