4 Changed Behavior
Changed behavior in this release includes:
4.1 Improved Text Field with Autocomplete
The Text field with Autocomplete, formerly an Oracle JET implementation, is now a custom HTML component. Applications that use the Text field with Autocomplete item are automatically switched to the new custom HTML component. You can no longer create a Text field with Autocomplete using the previous Oracle JET implementation.
Item Improvements
- support for PD Maximum Values in List when not lazy loading (now called Fetch on Type)
- icon support when the List of Values Type is
Shared LOV - support for cascading LOVs
- support for refreshing dynamic actions when Fetch on Type is
False - visual improvements, including:
- a placeholder when fetching from server to indicate APEX is retrieving data
- no dropdown flash when search is synchronous (Fetch on Type is
False) or when using smart filters
Item Changed Behaviors
- The Dynamic Action Event Update [Text Field with Autocomplete] (
ojupdate) is replaced with the change event.- Existing Dynamic Actions using Update [Text Field with Autocomplete] are automatically migrated to the change event.
- The new change event triggers when the user changes the autocomplete in any way (for example, typing in it). This is an improvement on the
ojupdateevent, which was only triggered when the user selected a suggestion.
- Because the new item implementation is a custom HTML component, using the HTML attribute style on the Custom Attributes page designer property does not style the internal input element. Styling the input element is neither supported nor recommended.
- HTML markup may change between releases without prior notice.
- The attribute Lazy Loading is now Fetch on Type.
- If the List of Values is set to
StaticorShared, only the Return column provides values to the item.
4.2 Calendar Regions
With this release, calendar regions still using the deprecated FullCalendar v3 are automatically migrated to FullCalendar v5. Custom JavaScript customization is commented out. See Calendar Region Upgrade Guide in APEX 21.1 for details.
4.3 Create Modal Page as Drawer
Create Application Wizard now creates Form pages as Drawer by default. There is no option to change this unless you add a Wizard Page type.
Create Page Wizard defaults the Form Page Mode to Drawer if the application theme contains a Drawer page template. With Drawer page mode, APEX creates the page as Modal Dialog, and uses the Drawer Dialog Template. To override this default behavior, you can select the desired page mode from the Create Page Wizard.
4.4 Dynamic Action Changes in Page Designer
- Type
- Time
- Immediate
If you upgrade an app that has Dynamic Actions without an Execution Type value, the value is automatically set to Immediate. This is the default behavior.
4.5 UI Changes
User interface changes in this release include:
- The browser console only shows the dynamic action debug message if debugging is turned on. In previous releases, the dynamic action debug message was always displayed.
- Tooltips are now always visible on the Page Designer gallery, regardless of a user's personal settings.
4.6 Compatibility Mode
The application attribute Compatibility Mode controls the compatibility mode of the APEX runtime engine. Certain runtime behaviors change from release to release. You can use the Compatibility Mode attribute to obtain specific application behavior. This section lists Compatibility Mode changes by release. Note that all mode changes are inclusive in that all changes in older releases are included in newer releases.
Compatibility Mode Changes in Mode 4.1
In Oracle Application Express release 4.1, Automatic DML forms raised an error when rendering the page if the column name of the source of an item was invalid. Prior to Oracle Application Express release 4.1, an invalid column name of the source of an item would not raise an error when rendering the page but it would also not set session state of the item.
Also, in Oracle Application Express release 4.1, there are two new application Security Attributes to control Browser Security: Cache and Embed in Frames. Enabling the Cache attribute enables the browser to save the contents of your application's pages in its cache, both in memory and on disk. The Embed in Frames attribute controls if the browser displays your application's pages within a frame. Applications running in a Pre-4.1 Compatibility Mode function as if the Cache is enabled and as if Embed in Frames is set to allowed. Applications running in Compatibility Mode 4.1 or later respect the specific Browser Security attributes.
Also, in Oracle Application Express release 4.1, because of bug 12990445, the following changes were implemented for Automatic Row Processing (DML) process types. The code which performs the INSERT was changed to determine if the columns should be included in the INSERT statement. Note that these are the same checks which occur before an UPDATE. These new checks include:
- Is the source type a DB Column?
- Is the page item contained in the POST request? For example, if the page item is conditional it will not be contained in the POST request if the condition evaluates to FALSE during page rendering.
- Is the page item not of type Display Only where Save State is set to No?
To enable these behaviors, set the Compatibility Mode to 4.1 or later. For behavior that matches earlier releases, set the Compatibility Mode to Pre-4.1.
Compatibility Mode Changes in Mode 4.2
In Oracle Application Express release 4.2 due to changes for the new grid layout, when a page is rendered, all regions in a certain display point are evaluated before rendering that display point, to find out if they should be displayed or not (so that the grid layout knows how many columns to render). The regions where the evaluation returned true will be executed and displayed. However, this will not work if a PL/SQL based region sets session state which is then used in a subsequent region condition to determine if the region should be displayed. In that scenario, the condition has already been checked before the display point is rendered. Use computations or PL/SQL processes to set session state before any region is displayed. In previous versions, the condition was evaluated right before each region was displayed.
In Oracle Application Express release 4.2, computations and processes with a processing point Before Region(s) do now fire before any region gets rendered. Computations and processes with a processing point After Region(s) fire after all regions have been rendered. In previous versions, the computations and processes fired just before and after the region display point Page Template Body (1-3).
Oracle Application Express Patch Set 4.2.2 added two new Compatibility Mode changes for Compatibility Mode 4.2:
- Text areas were changed to always use the Maximum Width attribute to restrict text input.
- Enhanced security for report column links, where the link contains both JavaScript and references to other report column substitutions, for example:
javascript:alert( 'Delete #NAME#' );In the previous example,
NAMEis a column name in the report.
Prior to Oracle Application Express release 4.2.1, to protect against possible cross-site scripting vulnerabilities, you would have had to explicitly escape any column values in the report source, so that they could safely be used in JavaScript links. When running in Compatibility Mode 4.2, Oracle Application Express automatically JavaScript escapes column name substitutions referenced in JavaScript links if the column is defined to escape special characters.
To fix this, Oracle recommends that you remove the manual JavaScript escaping from your report source and use of the native escaping.
Compatibility Mode Changes in Mode 5.0
In Oracle Application Express release 5.0, referencing a Static Application File with #WORKSPACE_IMAGES# no longer returns the application file. Instead, use #APP_IMAGES#.
wwv_flow_custom_auth_std.logout, wwv_flow_custom_auth_std.logout_then_go_to_page, wwv_flow_custom_auth_std.logout_then_go_to_url, and apex_custom_auth.logout are desupported and will raise a runtime error instead of logging out from the Oracle Application Express session. Instead, use the apex_authentication.logout entry point.
Prior to release 5.0, developers using data upload did not have the option to choose a date format. Instead, a parser checked for the best format to match the user's entry or an end user could enter their own format. Oracle Application Express release 5.0 includes a new item that enables the user to choose an application date format or user entered format. Because applications created before release 5.0 do not have an item, a Compatibility Mode of 5.0 checks if the user has entered some data. If no data has been entered, it picks the application date format.
When a session timeout occurs and no timeout URL is specified, Oracle Application Express raises an error instead of redirecting to the application's home page. If the session setup for an Ajax requests fails, Oracle Application Express also raises an error. For Ajax requests that expect JSON, the response is a JSON string with members that describe the error. For other requests, the error appears on an error page.
Page items based on a database column where the attribute Source Used is set to Only when current value in session state is null will raise an error when the page item gets rendered. Using this setting for a database column is very dangerous and can result in accidentally overwriting data when viewing and saving multiple records. Always set the Source Used attribute to Always, replacing any existing value in session state.
Compatibility Mode Changes in Mode 5.1 / 18.1 / 18.2
In Oracle Application Express 18.1, buttons where the Execute Validations attribute is set to Yes also perform some client-side validations (such as item required checks) and will not submit the page until all issues are fixed. In previous versions this flag was just used to determine if server-side validations should be executed.
Tip:
Please pay attention when changing the Compatibility Mode to 5.1/18.1/18.2. Buttons, such as Cancel or Previous, where the Execute Validation flag has incorrectly been set to Yes and which use an After Submit branch, never execute validations when the user clicks the button. You can address this issue by using the new client-side validations, or by setting Execute Validations to No.
In release 5.1, any Ajax-based Dynamic Actions where the "Wait for Result" attribute is set to Yes perform an asynchronous Ajax call. Prior to 5.1, such calls would be made synchronously.
Compatibility Mode Changes in Mode 19.1
In Oracle Application Express 19.1, the Rich Text editor now enforces validation of the Max Length item attribute. When the length of the HTML markup exceeds the Max Length value, the system produces an error message.
Compatibility Mode Changes in Mode 19.2 / 20.1 / 20.2 / 21.1
In Oracle Application Express 19.2, Classic Reports render empty column values as an empty cell instead of using a "non-breaking white-space" ( ).
Compatibility Mode Changes in Mode 21.2 / 22.1 / 22.2
Prior to Oracle Application Express 21.2, all processes of the current processing point have been executed regardless of the added errors.
In Oracle Application Express 21.2, calling APEX_ERROR.ADD_ERROR in a process stops further processes from executing and immediately displays the inline errors.
4.7 Enabling Network Services in Oracle Database
You must enable network services in Oracle Database to send outbound mail, use Web services, or use template-based PDF report printing with BI Publisher in Oracle APEX.
4.7.1 When and Why Network Services Must be Enabled
Enabling network services enables support for sending outbound mail in Oracle APEX, use of Web services in APEX, and PDF report printing with BI Publisher.
By default, the ability to interact with network services is disabled in Oracle Database 11g Release 2 or later. Therefore, if you are running Oracle APEX with Oracle Database 11g Release 2 or later, you must use the new DBMS_NETWORK_ACL_ADMIN package to grant connect privileges to any host for the APEX_220200 database user. Failing to grant these privileges results in issues with:
-
Sending outbound mail in Oracle APEX.
Users can call methods from the
APEX_MAILpackage, but issues arise when sending outbound email. - Consuming web services from APEX.
- Making outbound LDAP calls from APEX.
- PDF report printing with BI Publisher.
Note:
When upgrading APEX on a database 12c or newer, based on the configuration of the old APEX version the upgrade automatically configures Network Services.Tip:
To run the examples described in this section, the compatible initialization parameter of the database must be set to at least 11.1.0.0.0. By default an 11g or 12c database will already have the parameter set properly, but a database upgraded to 11g or 12c from a prior version may not. For information about changing database initialization parameters, see Specifying the Database Compatibility Level in Oracle Multitenant Administrator's Guide.
4.7.2 Granting Connect Privileges in Oracle Database 12c or Later
Procedures CREATE_ACL, ASSIGN_ACL, ADD_PRIVILEGE and CHECK_PRIVILEGE in DBMS_NETWORK_ACL_ADMIN are deprecated in Oracle Database 12c. Oracle recommends to use APPEND_HOST_ACE.
The following example demonstrates how to grant connect privileges to any host for the APEX_220200 database user. This example assumes you connected to the database where Oracle APEX is installed as SYS specifying the SYSDBA role.
BEGIN
DBMS_NETWORK_ACL_ADMIN.APPEND_HOST_ACE(
host => '*',
ace => xs$ace_type(privilege_list => xs$name_list('connect'),
principal_name => 'APEX_220200',
principal_type => xs_acl.ptype_db));
END;
/The following example demonstrates how to provide less privileged access to local network resources. This example enables access to servers on the local host only, such as email and report servers.
BEGIN
DBMS_NETWORK_ACL_ADMIN.APPEND_HOST_ACE(
host => 'localhost',
ace => xs$ace_type(privilege_list => xs$name_list('connect'),
principal_name => 'APEX_220200',
principal_type => xs_acl.ptype_db));
END;
/4.7.3 Troubleshooting an Invalid ACL Error
Learn how to identify any invalid ACL error by running the query.
If you receive an ORA-44416: Invalid ACL error after running the previous script, use the following query to identify the invalid ACL:
REM Show the dangling references to dropped users in the ACL that is assigned
REM to '*'.
SELECT ACL, PRINCIPAL
FROM DBA_NETWORK_ACLS NACL, XDS_ACE ACE
WHERE HOST = '*' AND LOWER_PORT IS NULL AND UPPER_PORT IS NULL AND
NACL.ACLID = ACE.ACLID AND
NOT EXISTS (SELECT NULL FROM ALL_USERS WHERE USERNAME = PRINCIPAL);Next, run the following code to fix the ACL:
DECLARE
ACL_ID RAW(16);
CNT NUMBER;
BEGIN
-- Look for the object ID of the ACL currently assigned to '*'
SELECT ACLID INTO ACL_ID FROM DBA_NETWORK_ACLS
WHERE HOST = '*' AND LOWER_PORT IS NULL AND UPPER_PORT IS NULL;
-- If just some users referenced in the ACL are invalid, remove just those
-- users in the ACL. Otherwise, drop the ACL completely.
SELECT COUNT(PRINCIPAL) INTO CNT FROM XDS_ACE
WHERE ACLID = ACL_ID AND
EXISTS (SELECT NULL FROM ALL_USERS WHERE USERNAME = PRINCIPAL);
IF (CNT > 0) THEN
FOR R IN (SELECT PRINCIPAL FROM XDS_ACE
WHERE ACLID = ACL_ID AND
NOT EXISTS (SELECT NULL FROM ALL_USERS
WHERE USERNAME = PRINCIPAL)) LOOP
UPDATE XDB.XDB$ACL
SET OBJECT_VALUE =
DELETEXML(OBJECT_VALUE,
'/ACL/ACE[PRINCIPAL="'||R.PRINCIPAL||'"]')
WHERE OBJECT_ID = ACL_ID;
END LOOP;
ELSE
DELETE FROM XDB.XDB$ACL WHERE OBJECT_ID = ACL_ID;
END IF;
END;
/
REM commit the changes.
COMMIT;Once the ACL has been fixed, you must run the first script in this section to apply the ACL to the APEX_220200 user.