For the past few years, CMS Report has generally not posted CMS announcements for new releases which only contained bug fixes and no new additional features. So, it's been rare for us to post the "point" release announcements for Drupal as Drupal only introduces significant new features in the new full version of Drupal (such as the forthcoming Drupal 8). However, Drupal 7.22 contains a lot of minor changes so we thought it was worth talking about. Drupal 7.22 was actually released a week ago, but I didn't have time to upgrade any of my Drupal sites until this week nor look at what was actually fixed until now.
Some of the many "minor" changes in Drupal 7.22 include:
- Allowed the drupal_http_request() function to be overridden so that additional HTTP request capabilities can be added by contributed modules.
- Changed the Simpletest module to allow PSR-0 test classes to be used in Drupal 7.
- Removed an unnecessary "Content-Disposition" header from private file downloads; it prevented many private files from being viewed inline in a web browser.
- Changed various field API functions to allow them to optionally act on a single field within an entity (API addition: https://drupal.org/node/1825844).
- Changed the default behavior after a user creates a node they do not have access to view. The user will now be redirected to the front page rather than an access denied page.
- Added an empty "datatype" attribute to taxonomy term and username links to make the RDFa markup upward compatible with RDFa 1.1 (minor markup addition).
- Refactored the Field module's caching behavior to obtain large improvements in memory usage for sites with many fields and instances (API addition: https://drupal.org/node/1915646).
- Added an assertThemeOutput() method to Simpletest to allow tests to check that themed output matches an expected HTML string (API addition).
- Added a link to "Install another module" after a module has been successfully downloaded via the Update Manager (UI change).
- Added an optional "exclusive" flag to installation profile .info files which allows Drupal distributions to force a profile to be selected during installation (API addition).
- Made the default .htaccess rules protocol sensitive to improve security for sites which use HTTPS and redirect between "www" and non-"www" versions of the page.
Besides documentation fixes, no changes have been made to the robots.txt or default settings.php files in this release, so upgrading custom versions of those files is not necessary. There are two changes to the .htaccess file in this release:
- An improvement to the default rewrite rules to help avoid man-in-the-middle attacks on sites which are accessed over HTTP and HTTPS.
- A change to the list of file extensions which are blocked by .htaccess, to prevent temporary files created by text editors from being accessed. Note: This change may cause issues for sites running very old versions of the Apache web server (1.x); see the "Known issues" section below.
Upgrading custom versions of the .htaccess file is recommended. A complete least of major and minor fixes in Drupal 7.22 are included in the release notes. The latest versions of Drupal are available Drupal.org download page.