<
From version < 27.5 >
edited by Sergiu Dumitriu
on 2010/10/25
To version < 27.7 >
edited by Sergiu Dumitriu
on 2010/10/25
>
Change comment: Updated default image quality

Summary

Details

Page properties
Content
... ... @@ -114,7 +114,7 @@
114 114  For a long time it was possible to scale attached images on the server, thus reducing the download time and ensuring consistent scaling of images across browsers. This is achieved by appending ##width## and/or ##height## query string parameters to the URL of the image. This feature has been further enhanced:
115 115  
116 116  * It is now possible to force the same aspect ratio of the original picture even when both width/height parameters were used (the ##keepAspectRatio## parameter). In case the requested width and height don't match the original aspect ratio, the image is resized to fit inside the rectangle defined by the two parameters, i.e. the resized image will not exceed the requested dimensions.
117 -* The size of the generated JPGs can be further tweaked by specifying an encoding ##quality## (the configurable default is at 30%, but will be changed to 50% before the final release). This does not affect lossless image formats such as PNG.
117 +* The size of the generated JPGs can be further tweaked by specifying an encoding ##quality## (the configurable default is at 50%). This does not affect lossless image formats such as PNG.
118 118  * The WYSIWYG editor also supports the width and height parameters, setting them as needed when manually resizing the image in the editor.
119 119  
120 120  {{code language="none"}}
... ... @@ -226,15 +226,13 @@
226 226  
227 227  == Security improvements ==
228 228  
229 -Fixed a few XSS bugs, fixed a broken check on rights from the Rest system, fixed a missing author update when editing classes.
230 -
231 -== Various Security improvements ==
232 -
233 233  Continuing a push for better security started this summer, 2.5 fixes some of the few remaining cross-site scripting and SQL injections holes, and tightens the scope of programming rights. Of particular concern:
234 234  
235 235  * With a default skin, the panels and the bottom tabs can no longer use restricted APIs.
236 236  * To explicitly drop programming rights, a new API method was introduced: ##$xcontext.dropPermissions()##
237 237  * An experimental Cross-Site Request Forgery prevention mechanism is included, though not enabled by default. To enable it and test/upgrade your custom applications for compatibility, edit ##xwiki.properties## and flip on the ##core.csrf.enabled## setting.
234 +* Fixed a broken check on rights from the Rest system
235 +* Fixed a missing author update when editing classes.
238 238  
239 239  == Translations ==
240 240  

Get Connected