Hello everyone.
Within the financial application that we are doing, some security tests are being made and a vulnerability was detected in the jquery library v1.12.4 used by vaadin. Is there any direct way to update this library to pass the tests?
Best regards,
Nelson F.
Hi,
First of all, you need to add a new dependency for the Web Module of your application with a new version of the jQuery library, for example:
configure(webModule) {
...
dependencies {
...
compile 'org.webjars:jquery:3.2.1'
}
...
Then you need to specify a new path to the jQuery library which is used in a project as WebJar. To do so, define the cuba.web.webjars.jqueryPath property in the web-app.properties file, for example:
cuba.web.webjars.jqueryPath = jquery/3.2.1/jquery.min.js
Pay attention that the FileUploadField uses the jQuery UI and jQuery FileUpload libraries, so make sure that a new version of jQuery is compatible with them.
Regards,
Gleb