Today marks the release of DMX 6.2. The releases of the past few years have been mostly to solidify the product and were released without much fanfare. This release however, includes a few significant changes that require some explanation on our behalf.
DNN Dependency Shift
Over the past couple of weeks we've seen a few security fixes go out with regards to DNN Platform. It is always good to know that a number of people are keeping their eye on security and reacting to any new information that surfaces. The most notable patch was for Telerik's Rad Upload component. If you have not read about this then please go to DNN Software's site and follow instructions. The flaw in the original component allowed anonymous upload of malicious files, so this can be labeled as critical. Note that although DMX (potentially) leverages Rad Upload, it is not up to DMX to fix this as the component is managed by DNN Corp.
DMX has had a dependency on DNN 6 for several years now, i.e. DMX would run on DNN 6 and higher. Moving the dependency to a higher version of DNN means some customers will be forced to upgrade their DNN. This has held back development over the past year as WebAPI (a crucial technology for asp.net applications nowadays) did not become a stable part of DNN until version 7.2. Today marks the release of a new version of DMX that moves the needle to DNN 8. This also in light of the security issues mentioned above. It was, so to speak, the perfect storm. DMX 6.2 will *not* run on any DNN Platform release before DNN 8! If you wish to upgrade DMX while you're on an older platform you will be forced to upgrade, but I'd like to add that this is in your best interest because the older platforms will expose you to more and more security vulnerabilities.
DMX Upload Components
Telerik's Rad Upload was mentioned earlier. This component is a so-called Ajax upload component that allows you to stream a file upload to the server. It is part of Telerik's suite of components that has been distributed with DNN for years now. Word on the street is that this is being discontinued at the next major upgrade of DNN. In the meantime, DMX also included two other upload components that had issues: the CA and Silverlight uploaders. The CA (ComponentArt) uploader has had issues and since the company has discontinued this product, we're deprecating this upload component. Silverlight is also on its way out. Microsoft has made it clear it will no longer continue Silverlight development and browsers are more and more aggressive in blocking this technology. As a result the Silverlight uploader has also been removed. It was high time for us to reexamine the uploaders we ship with.
With DMX 6.2 we've now added a new uploader based on the popular Blueimp jQuery upload component. The overall experience should resemble modern standards. The look and feel has been adjusted to what DNN uses in version 9, featuring both a "click and select files" as well as "drag and drop to add files" option.
One more thing about uploading. What may have escaped your attention is that DMX also supports drag and drop into the main UI. That is: if you drag files onto the file list in the main Ajax UI, an upload process will commence. Note this uses a simplified upload component so you cannot use it to upload files of 100's of Mbs (it depends on your asp.net worker process available memory to be exact). But for everyday files it should provide an intuitive and quick upload function.
With DMX 6.2 there are also a few changes with regards to WebDAV. Until now the WebDAV server included with DMX was only able to use digest authentication. This made perfect sense back in the days when DNN was mostly installed "non-securely", i.e. without SSL. Back in those days it was also still perfectly acceptable that one stored users' passwords on the server (albeit encrypted). Those days are now behind us. For several years DNN has moved to hashed password storage and it is less and less acceptable to have your site not run over SSL.
As a result of DNN's move to hashed password storage digest authentication no longer worked. Digest authentication requires passwords to be present on the server. So DMX's WebDAV only worked on older DNN installations or if you had lowered the security during installation and set the password storage to "encrypted". This is *not* advised. So with DMX 6.2 we've implemented basic authentication over SSL. This is supported by most client software like Microsoft Office. If you run your DNN site over SSL you will be able to benefit from the advantages of WebDAV again.
Finally, with regards to WebDAV, we've removed all "Open with ..." links from the menu. These commands that relied on unsigned Internet Explorer plugins just no longer work. There is no alternative to this. Browsers, quite rightly, see the starting up of Word on your PC through a web command as a security leak. So this will never become available again without some third party plugin that bridges that. Instead we've replaced all WebDAV commands with a "WebDAV link" menu entry. This pops up a link which you can use in client software to open up a resource.
This release opens the door to more modernizations now that we've moved the dependency. Expect bits and pieces of the UI to be changed over the coming time. We feel the DNN/DMX combination makes for a compelling document management solution and we're encouraged by customers' feedback we regularly receive. We know most of you work in a "don't fix it if it ain't broken" environment. And we feel vindicated with regards to the quality of DMX as we are regularly confronted with questions about installations that date back 5 years or more. Still working to manage your documents safely and privately.