Xenforo 2 2.0.8 (only patch)

Quote

Hot on the heels of our previous GDPR centric releases, today we're pleased to announce the release of XenForo 1.5.21 and XenForo 2.0.7 which aims to resolve some issues found since the release of the previous versions, and include a few further tweaks to enhance GDPR compliance on your forum.

A summary of the changes in this release are as follows:

• Ensure the server side validates the privacy policy/terms and rules acceptance form (XF1 and XF2)
• Ensure certain fields output in the data portability exports are escaped (XF1 and XF2)
• Some small phrase adjustments (XF1 and XF2)
• Attempt to ensure the new cookie notice does not hide the footer links (XF1 and XF2)
• Ensure data portability features are only available to admins with the "Manage users" permission (XF1 and XF2)
• If the geoLocationUrl option is empty, no longer attempt to link a user's location (XF1 and XF2)
• If a user's location is linked, ensure that noreferrer and nofollow values are set (XF1 and XF2)
• Implement the ability to add an unsubscribe link to admin sent emails (XF1)
• Fix issues with selecting the new bottom fixer notice type (XF1)
• Fix for invalid CSS (XF1)
• Fix broken register_twitter template (XF1)
• Not GDPR related, but fix issue with toggling Q&A CAPTCHA questions (XF2)
• Use consistent variables for displaying privacy policy and terms and rules URLs on help pages (XF2)
• Ensure default privacy policy and terms and rules help pages are redirected appropriately when custom URLs are set (XF2)
• Do not display protected change log entries (like policy acceptance dates) for potential spammers in the user approval queue (XF2)

The following templates have been changed in this release:

• account_contact_details (XF1)
• account_privacy (XF1)
• help_index (XF2)
• help_wrapper (XF2)
• helper_account (XF2)
• member_about (XF2)
• member_view (XF1)
• message_macros (XF2)
• message_user_info (XF1)
• public.css (XF1)
• register_twitter (XF1)