v4.3.1

4.3.1 (2020-03-06)

This versions fixes a Cross-Site Scripting (XSS) vulnerability (#4344) when using the refinementList widget when relying on its default item template and routing. We recommend all users to upgrade to this version. We now escape the refinementList item template by default, which avoids HTML to be injected. If ever you were relying on this behavior, which we do not recommend, you can copy the previous item template into your widget.

You were not vulnerable to this XSS if:

• You didn't use routing
• You didn't use use the refinementList widget (connectRefinementList is not subject to this issue)
• You used a custom item template for your refinementList widget that does not rely on the triple-brace Hogan.js syntax (e.g., {{{highlighted}}})

Bug Fixes

• refinementList: prevent XSS via routing (#4344) (8552221)

v4.3.0

4.3.0 (2020-02-25)

Bug Fixes

• deps: update dependency algoliasearch-helper to v3.1.1 that fixes a case where refinements for a facet with a name that matches a substring of another facet could be cleared by mistake (algolia/algoliasearch-helper-js/pull/760) (#4335) (9bc66cf)

Features

• highlight: add cssClasses to snippet & highlight helper (#4306) (ece0aa6)

v4.2.0

4.2.0 (2020-01-23)

Features

• algoliasearch: add support for algoliasearch v4 (#4294) (73f1584)
• insights: add getInsightsAnonymousUserToken helper (#4279) (4653f95)

The perf game

Major highlights for this release:

• All around performance improvements
• Widgets are now collapsable
• You can now use React templates
• You can override the default search being done (= conditionally choose when to do a search)
• Many small but annoying bug fixes

1.3.0 (2016-03-04)

Bug Fixes

• browser support: make IE lte 10 work by fixing Object.getPrototypeOf (bbb264b
• menu,refinementList: sort by count AND name to avoid reorders on refine (02fe7bf, closes #65
• priceRanges: pass the bound refine to the form (ce2b956
• searchBox: handle external updates of the query (6a0af14, closes #803
• searchBox: stop setting the query twice (91270b2
• searchBox: stop updating query at eachkeystroke with searchOnEnterKeyPressOnly (28dc4d2, closes #875
• Slider: do not render Slider when range.min === range.max (f20274e
• Template: now render() when templateKey changes (8906224
• toggle: pass isRefined to toggleRefinement (8ac494e
• url-sync: always decode incoming query string (bea38e3, closes #848
• url-sync: handle href pages (e58aadc, closes #790

Features

• collapsable widgets: add collapsable and collapsed option (c4df7c5
• instantsearch: allow overriding the helper.search function (9a930e7
• rangeSlider: allow passing min and max values (409295c, closes #858
• searchBox: allow to pass a queryHook (5786a64
• Template: allow template functions to return a React element (748077d
• Template: allow template functions to return a React element (0f9296d

Performance Improvements

• autoHideContainer: stop re-creating React components (8c89862
• formatting numbers: stop using a default locale, use the system one (b056554
• nouislider: upgrade nouislider, shaves some more ms (fefbe65
• React: use babel optimisation option for React (95f940c
• React, widgets: implement shouldComponentUpdate, reduce bind (5efaac1