Changelog CCM19 - 2021 - January to April

You can read about it here: Behind the scenes, we are constantly working on improvements to our Cookie Consent Manager.

Version 2021.04.29.2

29.04.2021 - f206bbf733563887b16d7dbb744eb646bf82079d

With this update we deliver 2 more fixes that resolve issues with session runtime and forcing HTTPS connections.

Here is a brief summary of the changes:

  1. FIX - Consider forced HTTPS for logo+icon
  2. FIX - Update session timestamp on every authenticated controller call

Version 2021.04.29

29.04.2021 - a93f5557013cd959a40f2074540c3518d4386919

The biggest news summarized:

Attention - Important! After the update, you will be forcibly logged out once due to the increased security settings. However, this only happens 1x directly after the update and is intended that way!

  1. Admin Embeddings for agencies - so they can maintain their own embedding and cookie database - of course you can also import the global data.
  2. Security revisions after an internal security audit some small things were improved again, e.g. password strength and logout time
  3. FLOC header is now configurable suppressed by CCM19.
  4. All calls are now shown in the advanced statistics too
  5. And you can now also release iframes via Consent.

In detail these points are revised resp. extended here.

  1. NEW - Setup: check for XML-Extension
  2. NEW - Show all calls in the extended statistics
  3. NEW - Calls current month per domain in the domain listing output
  4. NEW - Customer API displays list of all customers with domains and domaincount
  5. NEW - Placeholder documented which can be used in the mails.
  6. NEW - Table for placeholders in the emails created -> Agency Version
  7. NEW - Admin-Embeddings integrated - so agencies can maintain their own cookie and embeddings databases
  8. NEW - Introduce session maximum idle time: 3 hours, configurable
  9. NEW - Disable FLOC (+ microphone, camera, etc.) for CCM19 backend
  10. NEW - Password strength check for setup, password change and password recovery
  11. NEW - Block iframes via embedding
  12. NEW - Consider alternative route when checking CCM19 embedding
  13. FIX - Typos
  14. FIX - Translations extended
  15. FIX - Enter SMTP send correctly without authentication
  16. FIX - Removed superfluous parameter from function call
  17. FIX - Calculate runtime better
  18. FIX - Password change in account settings: Suppress password autofill
  19. FIX - Code formatting
  20. FIX - Keep session open only as long as tab is in foreground
  21. FIX - Prevent initialization of a session for alternative route
  22. BUMP - Packages Composer Update

Version 2021.04.15

15.04.2021 - a211cbe57c0797da26d0700c051492e4d2e32cd8

This is a small hotfix package which especially fixes a problem with the language management when creating new domains. The update is applied as usual via the CCM19 updater.

  1. FIX - Repair of the language management

Version 2021.04.14

14.04.2021 - a3a4bf7a1591789319554d0f723fcaed2704e3d1

After the slightly longer Easter holiday break, another new release with a number of tweaks. There are a number of fixes, the only new thing is the naming of the JS file that is included to bypass the blockers - is it now called app.js instead of ccm19.js as before - existing installations are of course not affected by this. We've also added extra detection for 1and1 / Ionos customers during installation. We are currently working on a number of extensions which will be finished in the next few weeks and will be released gradually.

  1. NEW - Generic name for the start script
  2. NEW - Setup: Detect IONOS, set RewriteBase and hide mod_rewrite warning
  3. FIX - Timeout configured for communication with the license server
  4. FIX - Autom. license check without effect on CCM19 operation
  5. FIX - For tabs in tabs (Embeddings → Cookies & Co): Avoid double spacing
  6. FIX - Output tab "Exclude URLs" when creating new embeddings
  7. FIX - Fix Locales template: e.g. Chinese no longer active by default
  8. FIX - Always display critical Javascript console messages
  9. FIX - Display problems in IE fixed
  10. FIX - Fixed a problem when using the Event API in IE
  11. FIX - Mandatory fields of e-mail configuration updated
  12. FIX - Wrap long page check entries to not displace actions
  13. FIX - Recognition of new GVL entries optimized
  14. FIX - Widget texts (imprint etc.) no longer sent when linking
  15. FIX - Added default values for widget elements in CSS
  16. FIX - access to undefined array index fixed
  17. FIX - wrong directory for translations deleted
  18. FIX - template label width at tcf
  19. FIX - template label width for tcf

Version 2021.03.17

17.03.2021 - 65348c0462804876fdb779907ecb58f0c6bc8035

This is a small hotfix package which especially fixes a problem with the translation files when updating from some older versions to version 2021.03.16. The update is applied as usual via the CCM19 updater.

  1. FIX - Repair of the translated country name lists
  2. Button styling made more robust against CSS adjustments of the main page

Version 2021.03.16

16.03.2021 - 7152bfedc1db3fb1ee65329fe0bcb722589fdeeb

This is an important update if the new embedding structure is used. When retrieving the IAB repository, there were problems in previous versions that have been fixed with this release.

Here is a summary of the most important new features

  1. FIX - Retrieving resources from the IAB repository updated

Version 2021.03.12

12.03.2021 - af88efe272f49857a02f9299f12f06997dbbd7b2

This is just an update package with some changes before Easter 2021.

  1. New are translations to 11 different languages, including Russian, Chinese and Japanese
  2. In addition, the settings icon can now be determined dynamically
  3. Long and often requested: console messages can now be disabled

Here is a summary of the most important new features

  1. NEW - Settings icon via theme configuration now freely definable
  2. NEW - Flags and language selection now dynamic
  3. NEW - Load translations for plugins
  4. NEW - Disable console messages when code minification is active
  5. NEW - Translations in various languages finalized
  6. NEW - Theme preview for system and account wide themes implemented
  7. NEW / FIX translations code reworked
  8. FIX - Minor bugfixes, typos and refactoring
  9. FIX - Composer update
  10. FIX - Cache: ignore missing OpCache data
  11. FIX - Bugfixes, language/country code confusion slightly improved
  12. FIX - Fixed text colors in widget replaced by dynamic ones
  13. FIX - Always call theme preview with empty memory
  14. FIX - Language files now with correct placeholders
  15. FIX - Internationalized domains better considered for domain recognition
  16. FIX - Temporary objects for repositories; write accesses not allowed
  17. FIX - Uniform customer count in dashboard and customer management
  18. FIX - Readout of customers via customer API restored
  19. FIX: Domain recognition should not create empty domains for non-determinable domains
  20. FIX - Reset call counter on time at the beginning of the month even if quota is exceeded
  21. FIX - Per-Domain-Cronjobs are now processed correctly
  22. FIX - Single column output for cookie declaration tables on mobile devices
  23. FIX - Separator for quick identification of individual CSS
  24. FIX - Widget height and breakpoints optimized for Retina displays

Version 2021.02.26

26.02.2021 - 45bdb635a3d014e59703864605c4059b96ee82c6

This is just another small hotfix package. The update is applied as usual via the CCM19 updater.

Here is a summary of the most important changes

  1. FIX - Consider TCF API change for 'cookieMaxAgeSeconds'
  2. FIX - Release/block new IAB providers after GVL update per setting
  3. NEW - Determine plugin translation directories dynamically
  4. FIX - Widget HTML slightly reduced in size
  5. FIX - Minor fixes in plugin system
  6. FIX - Alpha calculation in 'Color' class
  7. FIX - Caching problem with CORS headers fixed
  8. FIX - Various performance optimizations
  9. Refactoring several places in the code

Version 2021.02.24

24.02.2021 - 1ae337c372c73b28f2090aef3ca1c385bdfe2a06

This is only a small hotfix package. The update is applied as usual via the CCM19 updater.

Here is a summary of the most important changes

  1. FIX - Fixed a bug in a polyfill that caused output problems in IE 11
  2. FIX - Catch non-existing placeholders
  3. NEW - Output of debug messages in the console is now dependent on the code minification option

Version 2021.02.23

23.02.2021 - 139c9d4b398a23458ae10585497da3d05d5cd8d2

There are again some new features in CCM19 - we list the most important ones here. All other changes can be found in the changelog below.

Here is a summary of the most important changes

  1. Plugin Manager - since this version there is a Plugin Manager, with which you can create and manage your own plugins. In the next weeks and months we will provide a corresponding infrastructure
  2. Plugin Advanced Statistics as the first - long awaited plugin
  3. There is now also a Release Candidate Channel for the update for those willing to test and developers

Detailed Changelog

  1. NEW - "Release Candidates" update channel added
  2. NEW - Start onboarding in DL version directly and allow domain input. For page check in old versions ...
  3. NEW - Statistic Plugin uses now also the calls in the logfiles to the counting
  4. NEW - Statistics Plugin now with all data completely ... broken percentage values are ignored
  5. NEW - statistic data can now be displayed, absolute, percentage, by date and grouped by day / week / month / year
  6. NEW - Plugin template and statistic plugin now on board
  7. FIX - add cookie to an existing embedding successfully
  8. FIX - several performance fixes to improve availability and performance
  9. FIX - take over of the cookies from the DB (when saving always only 1 cookie arrived)
  10. FIX - Display statistics: data slipped by 1 day corrected
  11. FIX - Domaincheck small fixes
  12. FIX - Themes commit, after the update in the BootHandler was executed
  13. FIX - Update statistics every ~60s to keep the call counts up to date
  14. FIX - Onboarding can now be disabled
  15. FIX - User administration also activated in the base account - here was a bug in the registration
  16. FIX - display plugins reworked again
  17. FIX - Display Plugins, if active for all
  18. FIX - make cronjob probability dependent on call counts of the last day
  19. FIX - make cronjob probability dependent on call count
  20. FIX - Count Call-Counts again via Access-Journal
  21. FIX - Purpose Name Social Media now also correctly in Lookup
  22. FIX - Logs also show only true entries
  23. FIX - Trim domain names on save (strip protocol, slashes etc.)
  24. FIX - Language selection - only list DE language name
  25. FIX - Scrollbar User
  26. FIX - Consider search term when exporting protocol

Version 2021.02.10

10.02.2021 - b5da014701287d87709d1789201c22231903bafd

There are again some new features in CCM19 - the most important in the list here. All other changes can be found in the changelog below.

Here is a summary of the most important changes

  1. Subusers / groups for customers in all variants. You can now set up users and groups and assign them rights to certain areas, we welcome feedback on how to extend / improve this feature
  2. Onboarding and scanner have been streamlined, bugs have been fixed and significantly improved
  3. Embedding labels can now be translated

Detailed changelog

  1. NEW - CCM19 integration can now be checked in the dashboard with a single click
  2. NEW / Update - Onboarding streamlined and modernized, now also with automatic reading of urls and placeholder texts
  3. NEW Save group rights per menu item
  4. NEW - Revision of imprint, additional info is now hidden by default to reduce the size of the mask
  5. NEW - Widget with linked imprint etc. on those pages deactivatable
  6. NEW - Imprint / Privacy as link now default setting
  7. NEW - checkbox for display of widget controllable for imprint and privacy
  8. NEW - Added Package Validator to check URLS for correctness
  9. NEW - At the first login into an extended account you jump into the new onboarding
  10. NEW - Onboarding can now also be started directly from the domain management
  11. NEW - Deletion of all system- and account-wide themes is now possible
  12. NEW - Subuser also deactivated if main account is deactivated
  13. NEW - User table now via ajax / json and searchable
  14. NEW - User rights are now also considered in the dropdown and user / group menuitems are now also output there
  15. NEW - Images now also possible for subusers - can also be changed in the subuser admin
  16. NEW - User can upload own account image
  17. NEW - it is now automatically created a SubAdmin group, if one comes into the user administration - before it is not relevant
  18. NEW - use 'X-Content-Type-Options: nosniff' by default for most resources
  19. NEW - Hint at the domain administration if you have not created a domain yet... with a domain the hint disappears
  20. NEW - Domainsammel action not available for subusers.
  21. NEW - Purpose Description entered in the template... so that it does not look so empty ...
  22. NEW - new Default Theme
  23. NEW - Translatable integration names (Todo# 362)
  24. NEW Save group rights per menu item
  25. UPDATE - components like Symfony etc. updated to the latest version
  26. FIX - HTML of the templates fixed and breadcrumbs corrected
  27. FIX - Optimizations after static code analysis
  28. FIX - disable TCF component completely if framework is not explicitly enabled
  29. FIX - Show category texts in cookie variant directly again
  30. FIX - Onboarding problems corrected
  31. FIX - Purpose template statistics renamed to social media and analysis renamed to analysis / statistics
  32. FIX - Assign Cookie Scanner categories correctly
  33. FIX - Assign Embeddings correctly in Scan
  34. FIX - Add Cookies works again
  35. FIX - If Embedding once active - then the hint must not be displayed again, anyway not for new accounts
  36. FIX - Output of embedding check corrected
  37. FIX - Log messages improved
  38. FIX - Several minor fixes for onboarding
  39. FIX - Note on adding groups
  40. FIX - Accidental domain activation when deselecting all domains
  41. FIX - Listing of access menu items corrected
  42. FIX - Onboarding still revised
  43. FIX - Force cancellation of consent only with existing consent
  44. FIX Layout
  45. FIX - Prevent deletion of the last domain specific theme
  46. FIX - Width of elements - slightly adjusted to larger screens
  47. FIX - Display brand logo also in the area "Forgot password?
  48. FIX - Column width at name and email with max-width and word-wrap added
  49. FIX - Login in SubAccounts, Handling of TCF, Testing of Layout Templates in Subuser Accounts
  50. FIX - Output json Domain Manager
  51. FIX - Login error
  52. FIX button size and translation typos
  53. FIX - Use Brotli compression also by default if available
  54. FIX - Robots no-index,no-follow for requests with invalid API key
  55. FIX - removed too small buttons
  56. FIX user with correct group permissions and get SubuserID combined
  57. FIX - contrast warning styled differently
  58. FIX - Tooltip on contrast display
  59. FIX - Contrast check: If TCF is not active, display warning only
  60. FIX - Added hint to URL format when linking for imprint etc
  61. Fix: Avoid "Cannot read property 'append' of null" in TCF component
  62. FIX - Buttons "Select/Deselect all" were truncated by 2109165
  63. FIX - Rights check changed again
  64. FIX - Dark theme reworked - now looks nicer again
  65. FIX - Adaptation of tcfv2 mask - somewhat improved and rebuilt
  66. FIX - Added 'Auto-Submitted' header etc. to sent e-mails
  67. FIX - (Static analysis: exclude some false positives), tidied up code
  68. FIX - Fixed bug in Twig template; explanation table is loaded again
  69. FIX - removed check for full privacy URL in embedding/cookie models
  70. FIX - Legacy-Cookies: Allow placeholders in Privacy-Policy-URL
  71. FIX - Allow placeholders in translated embedding names
  72. FIX - Embeddings: Allow Privacy Policy URLs with placeholders
  73. FIX - Incomplete URLs for imprint/privacy/... allow
  74. FIX - Layout TCFv2 a little bit less complex

Version 2021.01.25

25.01.2021 - cd846ebcb3a3e26a7d1391979c4a5639128f001c

Today is finally the day - the TCFV2 version is ready. Since a few days the certification is available and we were last busy with some optical fine tuning, so that the necessary information can be displayed well. All other changes can be found in the changelog.

Here is a summary of the most important changes

  1. TCFV2 / IAB compatibility and certification
  2. Data in the pagecheck can now be set to Ignore and much more information
  3. Data in Pagecheck can now also be included in existing embeddings
  4. Enhancements in the context of accessibility - contrasts are requested, focus management and much more.

Detailed Changelog

  1. NEW - TCFV2 integrated
  2. NEW - Fonts a little modernized... a little fresher look
  3. NEW - Translations added
  4. NEW - Cookies / Storage elements can now be added to existing entries - you can choose now
  5. NEW - Call Limit in Agency Version can now be set freely, if there is none the default will be used
  6. NEW - Embeddings do not reload when matching exclude URLs
  7. NEW Exclude URLS are now also pushed to the frontend and are available in JS
  8. NEW - URL exclusion mask created in the admin - per embedding
  9. NEW / FIX - for new domains created by customers is not only status Embedding - but also the PRELEGAL hook already set
  10. NEW - Preassignment Agency Mails with placeholders
  11. NEW - Sending of Cookie Notes is now optional and happens every 7 days - you can disable it now
  12. NEW - Mail to operator or domainowner goes out if new entries were found in pagecheck
  13. NEW - Privacy policy: snippet (cookie list) by language version
  14. NEW - Lock focus in dialog if "Blocking" active in theme
  15. NEW - Show ignored entries button in pagecheck
  16. NEW - Cookies, Local Storage, Scripts and Objects can now also be set to ignore
  17. NEW - On which page cookies & local storage entries are set
  18. FIX - Display cookie names now with wrapping
  19. FIX - missing column Info in objects added
  20. FIX - Readability in TCFV2 window slightly improved
  21. FIX - Display TCFV2 description texts for categories in expandable elements
  22. FIX - Prevent overloading of Model::setId -> PHP 8 compatibility
  23. FIX - Resolved dependency for input fields of the Consent division on the storage location
  24. FIX - Automatic domain creation was no longer controllable since dfe3751
  25. FIX - Hide info about IAB-Framework for embeddings, if inactive
  26. FIX - CSS selector of the new H1 formatting specified
  27. FIX - Display of blocks unified in templates
  28. FIX - JS error message on remote embeddings in Consent store fixed
  29. FIX - HTML error fixed
  30. FIX - Paths dynamized at Page Check
  31. FIX - Transfer codeblock from DB added
  32. FIX - Hosting Version: Removed unnecessary GET variable at customer search
  33. FIX - Description for "Exclude URLs" revised
  34. FIX - colspans corrected for empty entries
  35. FIX Cookie Counter in Dashboard - still showed the old numbers with all data
  36. UPDATE - TCFV2 / IAB Framework activation better displayed

Version 2021.01.14

14.01.2021 - 5803820720183e249a680a1700d5b78a89571225

Since we were busy with the TCFV2 certification in the last weeks, there are only a few minor additions. The new TCFv2 version will be available next week, before that we have to merge the version into the master.

Detailed Changelog

  1. NEW - Widget not show at imprint/privacy/accessibility
  2. NEW - Trigger cache invalidation when changing the active theme
  3. NEW - Lazy-loading of blocking-iframe thumbnails
  4. NEW - Thumbnail extractor for openstreetmap-iframes
  5. NEW - Cache restructured to avoid rare error messages
  6. FIX - several minor fixes that caused error messages under certain circumstances
  7. FIX - Domain API now returns results independent of a login session
  8. FIX - Clear whole cache when changing NoLabel texts
  9. FIX - Guarantee valid URL when creating privacy policy links
  10. FIX - Revision accessibility backend
  11. FIX - NGINX sample configuration extended again


//Photoby Ross Findon | unsplash