Upgrade Compatibility Checklist for InterSystems IRIS for Health 2019.1.2
This article highlights those features of the 2019.1.2 release of InterSystems IRIS for Health™ that, because of their difference in this version, affect the administration, operation, or development activities of existing systems.
Need to Recompile Routines and Classes with Embedded SQL
This release contains a correction (DP-402745) where an ORDER BY DESC in a query could return an incomplete set of records; however, embedded SQL code will only use this correction if the code is recompiled. Consequently, after upgrading to version 2019.1.2, you should recompile any routines and classes that contain embedded SQL code that can contain this construct.
Improved Handling of SameSite HTTP Option
Recent updates to browser security have changed handling of third-party cookies. These updates use the SameSite attribute to reduce the risk of cross-site request forgery (CSRF) attacks, unauthorized access to data, and other possible security issues. Chrome (starting with v.84) enforces stricter rules for SameSite behavior, and these rules can cause issues with existing websites and web applications. These issues may include login problems, the login page being displayed repeatedly, and page elements not displaying properly. In previous versions, Caché did not support modifications to the SameSite attribute; hence web applications running on these versions may have such issues.
This release solves these problems by setting the SameSite attribute for cookies and by allowing you to set change the default setting; however, you may need to modify your code to customize values setting the session cookie scope and the user cookie scope. Additionally, if you are using “SameSite=None”, you must ensure that your web application can support secure HTTPS connections. This change first appeared in maintenance release 2019.1.2. Note that this change was also in Caché/Ensemble 2018.1.5.
Web Sockets with SharedConnection=1 Can Now Timeout
In previous releases a Web Socket connection with SharedConnection=1 would never timeout. With this change, this connection will time out if it is inactive for the CSP session timeout. This change first appeared in maintenance release 2019.1.2.
Timing Changes in Business Intelligence ResultSet
This changes the way that the %DeepSee.ResultSet operates during concurrent executions to preserve the integrity of results. Applications using the %DeepSee.ResultSet where the optimistic concurrency worked correctly before this fix may start noticing results are not ready when going to read them. If this is occurring, make sure the results are complete by checking for:
before attempting to read results. This change first appeared in maintenance release 2019.1.2. Note that this change was also in Caché/Ensemble 2018.1.4.
%dsCellContext in KPI/Plugin Code Changes
This change fixed the cell context passed to a %KPI plugin's %dsCellContext environment variable. Applications that directly apply the contents of %dsCellContext to an MDX query will not see a change in behavior. But applications which parse the contents of %dsCellContext to be used in further action should verify that the custom code still handles the original MDX clauses. This change first appeared in maintenance release 2019.1.2. Note that this change was also in Caché/Ensemble 2018.1.4.