|Oracle® Application Express Application Builder User's Guide
Part Number E11838-02
This section describes new features available in Oracle Application Express Release 3.2 and points you to additional information.
This preface contains these topics:
New features in Oracle Application Express, release 3.2 include:
Forms Conversion captures the design of existing Oracle Forms and automatically converts some components, primarily the user interface. Other components, such as complex triggers, must be manually converted post-generation..
Moving to native HTML is not seamless and changes to the user interface are required to deliver optimal Web interactivity. This tool enables you to take advantage of Oracle Application Express dynamic HTML capabilities, including interactive reports. For further information see Oracle Application Express Migration Guide.
Security best practices for developing Web applications specify minimizing the exposed footprint, protecting the integrity of the session state, and ensuring that data being transmitted between the browser and the server cannot be compromised. To align with these best practices, Oracle Application Express, release 3.2 has improved security measures making it more declarative and powerful. Some key enhancements include the ability to:
Declaratively encrypt session state
Declaratively specify session timeouts for maximum idle time and maximum session duration
Create new password item types that enable users to enter passwords without ever saving them to session state.
Other features designed to minimize the exposed footprint include reducing the privileges required by the Oracle Application Express database account, disabling the Database Monitor feature by default, and providing administrators the ability to require HTTPS for the administration and development suite applications. In addition, administrators can now restrict new or updated account passwords to those that have not previously been used for a specified duration and, for new installations, require that service administrator account passwords conform to a strong password policy.
Oracle Application Express documentation has also been improved to provide you with more resources to build secure Web applications. These new features complement existing Oracle Application Express security features including flexible authentication, authorization schemes, URL tampering protection, and so on. For further information, see "Managing Application Security".
New features in Oracle Application Express, release 3.1 include:
Interactive Reporting Region.
Interactive Reporting Regions enable end users to customize reports. Users can alter the layout of report data by choosing the columns they are interested in, applying filters, highlighting, and sorting. They can also define breaks, aggregations, different charts, and their own computations. Users can create multiple variations of the report and save them as named reports and download to various file formats including comma-delimited file (CSV) format, Microsoft Excel (XLS) format, Adobe Portable Document Format (PDF), and Microsoft Word Rich Text Format (RTF). See "Editing Interactive Reports" .
For step-by-step instructions on building an example application that uses interactive reports, see "How to Build and Deploy an Issue Tracking Application" in Oracle Application Express Advanced Tutorials.
Optional Runtime-Only Installation.
For testing and production instances, Oracle Application Express, release 3.1 supports the ability to install just a runtime version of Oracle Application Express. This minimizes the installed footprint and privileges. Scripts are also provided to remove or add the developer interface from an existing instance. This new feature improves application security since in a runtime instance developers cannot advertently update a production application. See "Managing a Runtime Environment" in Oracle Application Express Administration Guide.
In addition to the default themes provided with Oracle Application Express, you can create your own customized themes. customized themes enable you to design a very specific look and feel to meet your corporate requirements and then publish this as a theme for all other applications to use. Two new standard themes have also been added. See "Managing Themes" and "Managing Themes for an Oracle Application Express Instance" in Oracle Application Express Administration Guide.
This release includes a new Hidden and Protected item type. This item type greatly simplifies the developer's task of protecting item session state. This together with other minor improvements makes the default security functionality more robust within Oracle Application Express. See Table 6-2, "Available Item Types".
Enhanced Report Printing.
Release 3.1 now includes XML as a download format and supports multiple SQL statements. See "Printing Report Regions".
BLOB support enables files to be declaratively uploaded in forms, and downloaded or displayed using reports.
BLOB display and download can also be authored procedurally using PL/SQL. See "About BLOB Support in Forms and Reports".
Application Builder refinements introduced with this release include:
The ability to define an Application Date Format
The ability to add a search region when creating a report
You can now include attachments with emails sent using the Application Express mail APIs
The previous 32K limit on data when creating an application on a spreadsheet has been removed
You can now create master detail reports in the Create Application Wizard
Master detail report implementation has been improved and refined
Support for declarative Media Type enables generation of pages of type other than 'text/html'
Simplified URLs Used During Branching.
In this release, you can perform the clear cache and session state setting actions immediately before the branch in the same database session used to process the page submission. This results in less information being shown in the application URLs. This enhancement improves security by making URLs less susceptible to tampering and by exposing fewer item names, values, and indications of program logic. It also reduces the potential of URL encoding and character set problems.
To use this feature, select the save state before branching check box on the Edit Branch page or when creating a new branch using the Create Branch wizard. See "Controlling Navigation Using Branches".