Transaction numbers do not get to Touchnet due to an issue with ancillaryData handling.

Bug# 10472

The "Unable to process payment at this time. Please contact library staff if this problem persists. Response signature provided from CyberSource payment provider could not be confirmed." error occurs when a user makes a payment in CyberSource but closes out before successfully navigating back to Aeon.

Bug# 9361

When scaling an item record's window down, the notes field becomes inaccessible, even when a note is present.

Bug# 10317

The ApiKeyAuthenticationMiddleware layer is invoked unnecessarily for non-secure endpoints, resulting in invalid X-AEON-API-KEY header log statements.

Bug# 10273

Once the h5 header is updated to h4, there is an empty header that breaks accessibility.

Bug# 10178

Bug# 9085

Users can submit duplicate requests through external requesting by rapidly clicking the submit button.

Bug# 4702

When adding a transaction to a bundle, Aeon is creating an entry in the History table. The Entry column is limited to 255 characters, which throws an error if the bundle has a name that exceeds the limit.

Bug# 8806

When a user submits a request, the request is created as expected after logging in. Then, if the user clicks the refresh button in their browser, a duplicate request is submitted.

If the user is already logged in and attempts to refresh after submitting the request, I get the: "This form has already been submitted. Duplicate request not created." error as expected.

Bug# 8826

For example, validating a transaction without username results in the following:
2x "username can't be empty"
1x " is not a valid username"
1x "user cannot be anonymous"

Bug# 8889

Bug# 9003

The custom search is displaying the correct, converted, time in the client; however, custom searches look for the unconverted UTC time from the database.

v5.0.3 and 4.1.0.2
Bug# 8689

When creating a user with an expired password and resetting their password via an email reset link, the user will immediately be presented with another password change form (because their previous password was expired).

Bug# 8687

The default pages do not currently support special date formats such as ISO8601 for the ActivityStatusDate. When adding the ISO8601 to the code, the pages are preventing the UTC time from being converted to the user's local timezone.

Bug# 8611

When submitting a new request through the web and manually typing in the date, the date will be accepted regardless of if it is a blackout date. The blackout date will be unavailable if you attempt to select it from the calendar.

Workaround: Disable the manual entry to the date field by adding the below code to the scheduled_date.js:

// Disable manual entry for date
scheduledDate.attr("readonly", true);

Bug# 8364

When submitting a Get Barcode request to the Aeon API with the ActiveOnly parameter set to True will prompt an error.

Bug# 8308

A second class attribute was added for action items in the data row template. The contextual classes (e.g, menuClone) should be included in the earlier class definitions.

<a class="dropdown-item btn btn-light <#DATAROW field="RequestActionAllowed" name="Clone" disabledValue="d-none">" href="aeon.dll?Action=11&Form=32&Value=<#DATAROW field="TransactionNumber">" class="menuClone"><span aria-hidden="true" class="fas fa-copy text-primary"></span> &nbsp;Clone Request</a>

Bug# 7869

Not all Date/Time fields are coded with the ISO8601 date.

Bug# 7710

Security scans may ping the following old commented out jQuery in the web pages that needs to be removed:

<!-- Optional JavaScript -->
<!-- jQuery first, then Popper.js, then Bootstrap JS -->
<!--<script src="https://code.jquery.com/jquery-3.4.1.slim.min.js&quot; integrity="sha384-J6qa4849blE2+poT4WnyKhv5vZF5SrPo0iEjwBvKU7imGFAV0wwj1yYfoRSJoZ+n"

crossorigin="anonymous"></script>-->

Bug# 7573