bfarber

For this release we have focused on the search logging (and the UI to inspect those logs). We share your excitement about future possibilities - knowing what users are searching for will open up a lot of possibilities. We could show "trending" content based on recent searches, implement more intelligent auto-complete options for searches, all sorts of things. Baby steps though.

For this release we have focused on the search logging (and the UI to inspect those logs). We share your excitement about future possibilities - knowing what users are searching for will open up a lot of possibilities. We could show "trending" content based on recent searches, implement more intelligent auto-complete options for searches, all sorts of things. Baby steps though.

There are group permissions to control which groups can use the feature where there is an editor field.
For any other upload field (such as profile cover photos), the option is simply available if (1) this new feature is enabled and (2) the user can upload there.
The reality is, nothing stops a user from visiting pixabay, downloading the image, and then uploading it to your community - so the reality is, preventing users from using this feature in any area is really only making the work harder on your members. If they want to upload a pixabay image they can, so why not make it a smooth and easy process for them?

Your existing attachment limits will already apply. 🙂 At the end of the day, these images are nothing fancier than attachments, just with a nice UI to submit.

Your existing attachment limits will already apply. 🙂 At the end of the day, these images are nothing fancier than attachments, just with a nice UI to submit.

Your existing attachment limits will already apply. 🙂 At the end of the day, these images are nothing fancier than attachments, just with a nice UI to submit.

Fun fact - back then we used SVN for our source control, and the files had "tags" assigned to them (Revision, Author, and Date). In SVN, the Author tag isn't necessarily the initial committer, but rather the last one to make changes to that file.

Yes, this. I wasn't addressing any one person (and in fact @Tripp★ I wasn't addressing your comment at all), just speaking generally. I've noticed a lot of people replying to our blog entries lately with all of their wonderful ideas, and I just don't want all of those suggestions to be lost and forgotten.

Yes, this. I wasn't addressing any one person (and in fact @Tripp★ I wasn't addressing your comment at all), just speaking generally. I've noticed a lot of people replying to our blog entries lately with all of their wonderful ideas, and I just don't want all of those suggestions to be lost and forgotten.

Most password managers (such as LastPass and 1Pass) can generate random passwords with mixes of characters at variable lengths). Most of my passwords on any given site are random, not reused anywhere else, and 32+ characters with a mix of letters (upper and lower), numbers and special characters. I could never remember any of these passwords, even if I were only tasked with remembering one, however I don't need to - I only need to remember one password (to access the app I use) and that's it.
Bonus: the password managers have apps for ios which has native support for this sort of thing. If I register on a site on my laptop and store the password in the password manager, when I visit it on my iPhone I can log in using the password manager.

Strict Transport Security should be set up at the server level, and only if you are using SSL (https).
You can enable a Content Security Policy right from the AdminCP should you wish, but it's not something we can automate. You may have needs that the software can't know about (such as showing a Pages widget on an external domain), which is why you should configure it yourself if you wish to use it.
We do output the Content Type Options header when sending a file to the browser. There's little to no benefit using it just on every single page, but we do see value in attachment and file handlers to prevent browsers trying to guess what the file is even after we've supplied a mime type.
We enable a Referrer Policy when visiting external links.
I'm not really sure I'd group a Feature Policy in with security related headers...it's intended to indicate to the user agent which features (like location) the site may need. Trying to do this automatically also means third parties in the future may run into trouble if they try to leverage a new feature that we didn't outright allow initially. Either way, I'd say it's at least debatable if this should be lumped in as a security concern (Google's writeup even says "It's like CSP, except it controls features instead of security").

Strict Transport Security should be set up at the server level, and only if you are using SSL (https).
You can enable a Content Security Policy right from the AdminCP should you wish, but it's not something we can automate. You may have needs that the software can't know about (such as showing a Pages widget on an external domain), which is why you should configure it yourself if you wish to use it.
We do output the Content Type Options header when sending a file to the browser. There's little to no benefit using it just on every single page, but we do see value in attachment and file handlers to prevent browsers trying to guess what the file is even after we've supplied a mime type.
We enable a Referrer Policy when visiting external links.
I'm not really sure I'd group a Feature Policy in with security related headers...it's intended to indicate to the user agent which features (like location) the site may need. Trying to do this automatically also means third parties in the future may run into trouble if they try to leverage a new feature that we didn't outright allow initially. Either way, I'd say it's at least debatable if this should be lumped in as a security concern (Google's writeup even says "It's like CSP, except it controls features instead of security").

Strict Transport Security should be set up at the server level, and only if you are using SSL (https).
You can enable a Content Security Policy right from the AdminCP should you wish, but it's not something we can automate. You may have needs that the software can't know about (such as showing a Pages widget on an external domain), which is why you should configure it yourself if you wish to use it.
We do output the Content Type Options header when sending a file to the browser. There's little to no benefit using it just on every single page, but we do see value in attachment and file handlers to prevent browsers trying to guess what the file is even after we've supplied a mime type.
We enable a Referrer Policy when visiting external links.
I'm not really sure I'd group a Feature Policy in with security related headers...it's intended to indicate to the user agent which features (like location) the site may need. Trying to do this automatically also means third parties in the future may run into trouble if they try to leverage a new feature that we didn't outright allow initially. Either way, I'd say it's at least debatable if this should be lumped in as a security concern (Google's writeup even says "It's like CSP, except it controls features instead of security").

I have one of these (or rather my daughter does).

 

I have one of these (or rather my daughter does).

 

I’ll go in reverse. 
Calgary Flames use Invision Community for their official forums (as does the whole NHL it appears!)
Valeri Bure played for the Calgary Flames. 
Valeri Bure is married to Candace Cameron. 
Candace Cameron was in Full House with Bob Saget. 
Bob Saget was in Entourage with Mark Wahlberg. 
Mark Wahlberg was in Patriot Day with... you guessed it, KEVIN BACON!

We never get fed up 🙂 
And if you ever have questions about how the software works, you are always welcome to submit a ticket and one of our technicians will be happy to explain it. Just wanted to put that out there in case you or anyone else was unsure.

Hello, Invision power community team,
I want to send my maximum respect for all the work that every day they do so that users like us who have their forums.

In the first place by doing everything in one forums, clubs, store, downloads, support system, gallery, articles. Truly a great work of years that make their forums the best for us at least we will always continue with their forums until the end of their existence something very difficult.

We are since 2013 with its platform of forums we have active the subscriptions of forums, store, support, downloads (We update always to the day to see the improvements that each version surprise us)

Every 6 months we comply with the payment of the updates to receive support and make possible the great community with unique characteristics in the world.

My support in the Spanish language is up to date in each version days, weeks, nights to translate from English to Spanish the forums completely offering the community the possibility of buying the language saves the time that I have dedicated.
-This is all my sincere support, Sincerely Cristian Romero Garcia, From Spain for the Invision power Team ❤️

Thanks Cristian! Much appreciated.

Performance improvements have been made across the board, including to the converters.

Yes, that's correct.

I am really in love with Invision. All things were so simple back in 2004 as I have started with my community. I could do everything from SEO to design myself. Today it is just impossible to keep up with all the changes out there. It became so complicated. Therefore I am so happy that I have you, boys  You make my life easier and my community were meanwhile dead without this platform. 

Regardless of which "view" is used, not all are displayed on one page.

You may wish to submit a ticket so our technicians can take a look at your concerns.

Big Board admin/developer ... longtime lurker ... becoming bigger fan these days. I just have to post...
Email banner ads? Outstanding! (I haven't read about that one before.)
Lazy loading? SEO improvements? WTF PWA?
Holy COW!
Letter avatar - I thought was a great idea ... But now, SVG letter avatar? Yeeeesssss!! Letter avatars are a great way to personalize each account with little effort. Bravo 👏
I've been impressed with the 4 series and it keeps getting better.
I think I will finally take the plunge and purchase a license.
All this is just icing on the cake. What I love about IPS these days is that they are thinking of the admins....
GEOlocation free Social Login free ( At one point, I was paying close to $6000 a year for similar ser'vice) Built in Advertisement System free (Less work to develop in-house system) Store Commerce (Woocomerce alone cost over $200 with some basic extensions) amazon S3 Integration free Security Enhancements such as Google Authenticator free (previously paid for DUO) etc EXCELLENT JOB!!!!

Invision Community will not use a PWA to send notifications to devices at this time (which is only supported by Android at a technical level, not by iOS).