SurveyJS v1.9.133
Released: March 6, 2024
SurveyJS v1.9.133 fixes an XSS vulnerability in Survey Creator, introduces enhancements in the API and behavior of the onSurveyInstanceCreated
event, and includes other minor enhancements and bug fixes.
Survey Creator: XSS vulnerability fixed
Previous Survey Creator versions allow users to insert raw HTML markup into element titles on the design surface. This capability makes Survey Creator vulnerable to XSS attacks. SurveyJS v1.9.133 fixes this vulnerability by converting HTML markup to plain text. Please update all SurveyJS libraries in your application.
How to Update SurveyJS Libraries in Your Application
Survey Creator: onSurveyInstanceCreated
API and behavior changed
As you may already now, almost all Survey Creator elements are heavily customized surveys from our own Form Library. The onSurveyInstanceCreated
event allows you to access any survey created within Survey Creator and modify it to customize a corresponding UI element.
The new release adds a new parameter to the onSurveyInstanceCreated
event—options.area
. This parameter indicates the Survey Creator UI element for which a survey instance is being created. Refer to the event description in the API Reference for more information. options.area
replaces the now deprecated options.reason
parameter. Refer to the following GitHub issue for information on replacement values: #5138: Update the onSurveyInstanceCreated
event parameters.
The onSurveyInstanceCreated
event has also changed its behavior. Previously, the event was raised immediately after a SurveyModel
object was instantiated. More often than not, our internal code configured the SurveyModel
object after that. However, the event, being raised before the configuration, contained the initial version of the object. Starting with Survey Creator v1.9.133, the onSurveyInstanceCreated
event is raised after a SurveyModel
object is instantiated and configured. This change extends the number of use cases for this event and allows us to deprecate more specialized events, such as onDesignerSurveyCreated
, onPreviewSurveyCreated
, and onPropertyGridSurveyCreated
:
Previously:
import { SurveyCreatorModel } from "survey-creator-core";
const creatorOptions = { ... };
const creator = new SurveyCreatorModel(creatorOptions);
creator.onDesignerSurveyCreated.add((_, options) => {
// Customize a preview survey in the Designer tab
});
creator.onPreviewSurveyCreated.add((_, options) => {
// Customize a preview survey in the Preview tab
});
creator.onPropertyGridSurveyCreated.add((_, options) => {
// Customize a survey that represents the Property Grid
});
Now:
import { SurveyCreatorModel } from "survey-creator-core";
const creatorOptions = { ... };
const creator = new SurveyCreatorModel(creatorOptions);
creator.onSurveyInstanceCreated.add((_, options) => {
if (options.area === "designer-tab") {
// Customize a preview survey in the Designer tab
}
if (options.area === "preview-tab") {
// Customize a preview survey in the Preview tab
}
if (options.area === "property-grid") {
// Customize a survey that represents the Property Grid
}
});
New Help Topics
End-User Guide: How to Create a Transfer List and Rank Selected Items
New Demos
Matrix Table with Custom Cell Types
Context Actions in Element Titles
Survey Creator: Customize Form Appearance
Bug Fixes and Minor Enhancements
Form Library
- Fit the progress bar to the survey width (#7810)
- A Rating Scale question has different values in Designer and Preview (#7922)
- [Mobile] Multi-Select Matrix: Row titles appear twice in Modern theme (#7917)
- Single-Line Input: A question placeholder disappears when switching from Preview to Edit mode (#7911)
Survey Creator
- Implement a method that adds items to collections within an existing survey JSON schema (#5294)
- Theme Editor: An exception is raised when Property Grid contains custom editors (#5273)
- A Boolean question slightly overflows its borders within the Visible If pop-up window (#5286)
- The
onMatrixColumnAdded
event is not raised when a new matrix column is added by pressing the Enter key on the design surface (#5274) - The
onItemValueAdded
event is not raised when a new matrix row is added by pressing the Enter key on the design surface (#5275) - An exception is raised when removing all standard items from Toolbox, leaving only a custom toolbox item (#5067)
- Preview tab: Page navigator is broken when the Designer tab is hidden (#5277)
- Matrix questions: A read-only column also appears non-editable within the Default Answer dialog (#5287)
- A survey is scrolled to the middle of a page when using Page Navigator (#5288)
- The
onQuestionAdded
event is not raised when an item is dragged from the Toolbox (#5291)
How to Update SurveyJS Libraries in Your Application
Angular
npm i survey-core@1.9.133 survey-angular-ui@1.9.133 --save
npm i survey-creator-core@1.9.133 survey-creator-angular@1.9.133 --save
npm i survey-analytics@1.9.133 --save
npm i survey-pdf@1.9.133 --save
React
npm i survey-core@1.9.133 survey-react-ui@1.9.133 --save
npm i survey-creator-core@1.9.133 survey-creator-react@1.9.133 --save
npm i survey-analytics@1.9.133 --save
npm i survey-pdf@1.9.133 --save
Vue 3
npm i survey-core@1.9.133 survey-vue3-ui@1.9.133 --save
npm i survey-creator-core@1.9.133 survey-creator-vue@1.9.133 --save
npm i survey-analytics@1.9.133 --save
npm i survey-pdf@1.9.133 --save
Vue 2
npm i survey-core@1.9.133 survey-vue-ui@1.9.133 --save
npm i survey-creator-core@1.9.133 survey-creator-knockout@1.9.133 --save
npm i survey-analytics@1.9.133 --save
npm i survey-pdf@1.9.133 --save
Knockout / jQuery
<link href="https://unpkg.com/survey-core@1.9.133/defaultV2.min.css" type="text/css" rel="stylesheet">
<script type="text/javascript" src="https://unpkg.com/survey-core@1.9.133/survey.core.min.js"></script>
<script type="text/javascript" src="https://unpkg.com/survey-knockout-ui@1.9.133/survey-knockout-ui.min.js"></script>
<link href="https://unpkg.com/survey-creator-core@1.9.133/survey-creator-core.min.css" type="text/css" rel="stylesheet">
<script src="https://unpkg.com/survey-creator-core@1.9.133/survey-creator-core.min.js"></script>
<script src="https://unpkg.com/survey-creator-knockout@1.9.133/survey-creator-knockout.min.js"></script>
<link href="https://unpkg.com/survey-analytics@1.9.133/survey.analytics.min.css" rel="stylesheet">
<script src="https://unpkg.com/survey-analytics@1.9.133/survey.analytics.min.js"></script>
<script src="https://unpkg.com/survey-pdf@1.9.133/survey.pdf.min.js"></script>