We are pleased to announce the release of cloudscribe v8.4, which includes important security updates, enhanced cookie consent management, improved localization, and numerous bug fixes and UI improvements.

This release focuses on strengthening security, improving the developer experience, and enhancing the overall stability of the platform.

Principal Changes

  • Enhanced Cookie Consent System - Implemented a sophisticated three-state cookie consent system (undecided/accepted/declined) allowing users to dismiss cookie banners without fully accepting cookies
  • CSP-Compliant JavaScript in Developer Tools - Added ability to incorporate JavaScript directly into pages while maintaining Content Security Policy compliance through tag helpers, enabling developers to add custom scripts without violating security policies
  • Comprehensive Localization Improvements - Standardized ResX string references throughout core views using consistent snake_case resource keys
  • Security Updates - Updated critical dependencies including EntityFramework and jQuery.validate to address security vulnerabilities

Release Notes

Breaking Changes

  • #748: Enhanced Cookie Consent System - Breaking change for sites with local view overrides. Two key files were modified in the Bootstrap5 template. See the documentation for migration details.
  • #1182: Localization Improvements - Breaking change for sites implementing two factor authentication. Management screens will require the addition of some new entries into your existing ResX resource files, listed here.

Security Improvements

  • #1054: Updated Microsoft.EntityFrameworkCore dependencies to address security vulnerabilities in transitive dependencies
  • #1113: Updated jQuery.validate library to address security vulnerability discovered during penetration testing
  • #1125: Improved cookie security configuration by addressing SameSite cookie settings for better protection

Bug Fixes

  • #1150: Fixed Summernote editor issue where HTML code entered in raw HTML view was not retained when saving unless user switched back to WYSIWYG mode first
  • #1177: Fixed API authentication bug in EnforceSiteRulesMiddleware that incorrectly started HTTP responses for Terms & Conditions violations on API routes
  • #1169: Re-wrote IP address blocking/permitting logic to ensure "Permitted" rules consistently take precedence over "Blocked" rules when dealing with IP address ranges
  • #500: Fixed scrolling issue in SimpleContent Page Manager where selecting a page would auto-scroll to top with misplaced context menu

UI/UX Improvements

  • #1157: Added CSS override to ensure Summernote editor maintains consistent black-on-white appearance across different themes
  • #639: Moved page metadata below child page menu in SimpleContent for improved layout and user experience
  • #501: Improved unauthorized access handling in SimpleContent with proper redirects to login/access denied pages instead of generic 404 errors
  • #1134: Modified user interface to clarify the purpose of a confusing checkbox on "/siteadmin/registerpageinfo" page

Developer Tools & Features

  • #482: Added mechanism in Developer Tools to allow adding JavaScript directly to pages with Content Security Policy compliance through tag helpers
  • #1194 & #45: Added event handler for post-user deletion to clean up remaining Key-Value Pair (KVP) data from deleted users
  • #55: Added conditional UserExportPartial to KVP views to ensure compatibility with different versions of cloudscribe.Core.CompiledViews.Bootstrap5

Code Cleanup

  • #1138 & #1160: Removed outdated Bootstrap3 and deprecated .pgsql libraries across cloudscribe solutions to improve maintainability
  • #1163: Fixed and reorganized unit test infrastructure with new working tests

Upgrading to v8.4

To upgrade your cloudscribe installation to version 8.4:

  1. Update all cloudscribe package references in your .csproj files to version 8.4.*
  2. If you have local view overrides for the cookie consent system, review the cookie consent documentation for required changes
  3. If your site uses two-factor authentication, add the required ResX entries to your localization files
  4. Review and test IP blocking/permitting rules if you use this feature, as the logic has been updated
  5. Run your application and verify all features are working as expected

Note: As always, we recommend testing the upgrade in a development environment before deploying to production.

Looking Ahead

With the removal of Bootstrap3 views and deprecated PostgreSQL libraries in this release, we continue to modernize the cloudscribe platform. Future releases will focus on further performance improvements, enhanced security features, and improved developer experience.

Community and Support

We appreciate the continued support and feedback from the cloudscribe community. For questions or issues related to this release, please visit our GitHub repository or join the discussion in our community forums.

Thank you for using cloudscribe!

We are pleased to announce a new release of cloudscribe at version 8.3. (Version 8.2 was superseded and skipped from the release cycle.)

The principal change in this minor version release is to move away from the use of ckEditor for embedded HTML editing, replacing it now with Summernote.

However, any cloudscribe simplecontent users who have built their own custom page/post templates making use of the old support for ckEditor should find that these templates continue to work.

The release also brings a new administrative feature: the ability to block access to cloudscribe sites to specific IP addresses/ranges, and conversely the ability to allow access only to specific IP addresses/ranges - see details.

The release also addresses some minor bugs (see notes below).

See also the known issues and deprecation warnings (below), for future releases.

We've released a new version of the cloudscribe Visual Studio template. Reviews are always appreciated!

We recommend that the VSIX template should be installed into Visual Studio 2022 (version 17.8 onwards).

Alternatively, you can use the 'dotnet new' command as documented.

Older versions of the VSIX template remain available here: https://github.com/cloudscribe/cloudscribe.templates/tree/master/Archive.

As always, feedback is welcome in the forums or on GitHub.

Release Notes

version 8.3.0 - July 2025

@cloudscribe/cloudscribe

  • #1099: Summernote Editor Integration - added support for the Summernote editor as a replacement for CKEditor, while retaining the option to use CKEditor if desired.

  • #1063: Fixed several issues in the "browse server" modal when invoked from the Summernote toolbar:

    • Restored the missing 'Select' button for image selection.
    • Reinstated the 'Crop' tab in the UI.
    • Corrected the modal title.
    • Addressed regressions caused by previous file manager and Summernote integration changes.

  • #1111: Fixed newsletter sign-up widget compatibility with invisible reCAPTCHA:

    • Resolved an issue where the newsletter sign-up widget would not submit when invisible reCAPTCHA was enabled.
    • Improved JavaScript handling in EmailListSignUpPartial to support async validation and proper script loading.
    • Ensured compatibility for both authenticated and unauthenticated users.

  • #918: IP Address Blocking

    • Added ability to block specific IP addresses via the admin UI.
    • Supports both individual IPs and IP ranges.

  • #1011: IP Allowlist (Single IPs & Ranges)

    • Added support to restrict site access to only permitted IP addresses.
    • Supports both individual IPs and IP ranges.

  • #1097: API Client Secret Expiry Fix (PGSQL)

    • Fixed saving API client secret expiry dates in PostgreSQL when using UTC.
    • Prevented accidental deletion of client and related data due to date handling.

Upgrading an existing cloudscribe site

We recommend manually editing the .csproj file of your solution (or each of them, if you have multiple projects), to upgrade the package references:

<PackageReference Include="cloudscribe.Core.SimpleContent" Version="8.3.*" />
<PackageReference Include="cloudscribe.SimpleContent.Web" Version="8.3.*" />
<PackageReference Include="cloudscribe.Core.SimpleContent.CompiledViews.Bootstrap5" Version="8.3.*" />

(and so on for all cloudscribe packages).

Known issues

In the new Summernote editor, any changes made to your content in its raw HTML editing mode will not be saved until/unless you toggle back out of HTML mode and into the regular visual editor. This is a known issue in Summernote, and we hope to address that in a future release.

The Summernote editor requires a recent version of JQuery (we would recommend v3.7.0 or later) - so if the editor fails to render correctly, check that version in the /wwwroot/js folder of your theme.

In some of the shared themes that are supplied with the template, the colour scheme of the Summernote editor toolbar changes so that there is insufficient colour contrast between the toolbar buttons and the background colour.

Deprecation warnings

We intend to discontinue the following legacy cloudscribe libraries and remove their projects from the main source code branches, in forthcoming releases:

  • All 'Views.Bootstrap3' and 'CompiledViews.Bootstrap3' projects (only Bootstrap5 is now actively maintained, but the Bootstrap4 views projects will be kept in place for reference for the time being).
  • All of the original legacy 'EFCore.pgsql' libraries: these have long ago been superseded by their 'EFCore.PostgreSql' counterparts, which enforce the use of snake case convention on PostgreSql database schema.

We are aware of an issue that has arisen from the recent 8.1 release, specifically around: "#798: Enhanced the file manager with the ability to move files between folders, eliminating the need to delete and re-upload files."

This has resulted in the 'Select' button not always appearing in the File Manager in some circumstances when you select an image to insert into content.

We have a fix for this which will be released soon, in the meantime you are able to override the setting yourself in order to see the 'Select' button.

How to:

  1. Add this file to your project as a view override in \Views\FileManager https://github.com/cloudscribe/cloudscribe/blob/develop/src/cloudscribe.FileManager.Web/Views/FileManager/BrowsePartial.cshtml
  2. On line 192, change 'data-can-select="false"' to be 'data-can-select="true"'
  3. Save and release to your site in the usual way

We are pleased to announce a new release of cloudscribe at version 8.1. This minor version release addresses a number of issues, bugs and feature enhancements (see the release notes below).

We've released a new version of the cloudscribe Visual Studio template. Reviews are always appreciated!

We recommend that the VSIX template should be installed into Visual Studio 2022 (version 17.8 onwards).

Older versions of the VSIX template remain available here: https://github.com/cloudscribe/cloudscribe.templates/tree/master/Archive.

As always, feedback is welcome in the forums or on GitHub.

Release Notes

version 8.1 - 6 May 2025

@cloudscribe/cloudscribe.Web.Navigation

  • #135: Fixed an issue causing incorrect child page sub-menus when the URL ends with a trailing slash. This ensures consistent navigation tree behavior across routes with or without trailing slashes.

@cloudscribe/cloudscribe

  • #1073: Introduced a reserved word list for tenant site names to prevent conflicts. For example, "development" is now restricted to avoid issues with accessing developer sections.
  • #1063: Added a feature to export user data from the User Manager, including basic attributes such as First Name, Surname, Display Name, Email Address, and Created Date.
  • #798: Enhanced the file manager with the ability to move files between folders, eliminating the need to delete and re-upload files.
  • #762: Updated the main heading on /privacy and other cloudscribe core pages to use <h1> tags or allow configurability, replacing the previous <h2> implementation.
  • #942: Extended reCAPTCHA protection to the "Forgot Your Password?" page to mitigate risks associated with automated email spam and enhance security.
  • #935: Resolved an issue where the returnurl parameter was ignored on the login page if the user was already logged in. Now, the intended return behavior is consistently applied.
  • #929: Improved the user experience for sites with social sign-in by hiding password management options (/manage/setpassword and /manage/changepassword) when database authentication is disabled.
  • #924: Fixed a UI issue in the Page Manager tree where togglers were inheriting an underline style and made them larger and easier to click.
  • #959: Fixed a crash when saving user details with a date of birth in PostgreSQL. Ensured compatibility with timestamp with time zone by enforcing UTC for DateTime values.
  • #1056: Corrected the behavior of the "Clear Image" button to ensure it functions as expected after dragging and dropping an image.
  • #1034: Added a "View Activity" link on the Manage User page to improve navigation to the User Activity page.

@cloudscribe/cloudscribe.SimpleContent

  • #487: Added options in CMS settings to display created and last edited information (author and timestamps) below content. These settings include configurable defaults.
  • #549: Updated the LinksRenderPartial to align with Bootstrap 5 standards. Replaced <h2> and float-based styling with semantic markup and modern flex layouts.

Upgrading an existing cloudscribe site

We recommend manually editing the .csproj file of your solution (or each of them, if you have multiple projects). to upgrade the package references:

<PackageReference Include="cloudscribe.Core.SimpleContent" Version="8.1.*" />
<PackageReference Include="cloudscribe.SimpleContent.Web" Version="8.1.*" />
<PackageReference Include="cloudscribe.Core.SimpleContent.CompiledViews.Bootstrap5" Version="8.1.*" />

(and so on for all cloudscribe packages)

There should be no breaking changes from our previous v8.0 release.

Apologies to anyone who was trying to do anything on this website earlier today - we experienced a 40-minute outage after removing earlier versions of the ASP.NET Core runtimes. The site was showing this

HTTP Error 500.31 - Failed to load ASP.NET Core runtime

even though the correct ASP.NET Core Runtime 6.0.35 was installed (and reinstalled!).

We fixed this by upgrading the site to .NET 8, which was anyway in testing. If you spot anything not working, please do contact us!