Completed
Last Updated: 24 Feb 2021 15:54 by ADMIN
Release R1 2021 SP1
The CORS is enabled in the Report Server for all domains. This makes the application vulnerable to CORS attacks. The problem may be avoided by making CORS configurable.
Unplanned
Last Updated: 24 Feb 2021 13:27 by ADMIN
Created by: Matt
Comments: 1
Type: Feature Request
1

Hello, 

 

It would be nice to edit raw html or paste html into the mail template editor.

Completed
Last Updated: 24 Feb 2021 10:04 by ADMIN
Release R1 2021 SP1

I create a Report Book in the Standalone designer that is connected to my Report Server. When I add the first two reports, the Report Book is rendered as expected. When I add the third one, it fails with the exception:

Report processing was cancelled.
Index was out of range. Must be non-negative and less than the size of the collection.
Parameter name: index

Here is a link to a short video demonstrating the problem. All the individual reports run correctly.

 

Completed
Last Updated: 24 Feb 2021 10:04 by ADMIN
Release R1 2021 SP1
I updated our Telerik Report Server to 6.2.20.1021. Afterward, the users with custom roles could no longer see report categories.
This leads to users not being able to open the report from the table and sends them to a bad URL since the category is undefined.
Unplanned
Last Updated: 27 Jan 2021 11:53 by ADMIN
I have a number of scheduled tasks that use report parameter values from the report in the body of the email.  If I untick the "use default value" checkbox of a DateTime parameter, it is replaced with the DateTime. However, if the checkbox is selected, the placeholder is not replaced with the value and is displayed as it is in the mail template, e.g. "{@createdDate} ". The String parameters are never replaced with the actual values. This can be observed in versions 5.0.19.116 and 7.0.21.120.
Completed
Last Updated: 20 Jan 2021 14:04 by ADMIN
Release R1 2021
Created by: Waz
Comments: 1
Type: Bug Report
0

Hi,

 

I have a report that is scheduled to happen first day of every month. The thing is that when I look at the next occurrence of the report, it is happening on the second day of the month. I am attaching the report settings herewith. Please let me know if you have a solution/ explanation to get this corrected. Thanks a lot in advance.

 

 

Unplanned
Last Updated: 22 Dec 2020 08:10 by ADMIN
Created by: e-Bate
Comments: 0
Type: Feature Request
2
Currently, the only requirement for the user password is to have at least 6 characters. This is too weak and it would be good if the password strength is made configurable.
Completed
Last Updated: 18 Nov 2020 10:24 by ADMIN
Release R3 2020 SP1 (Latest Internal Build)
Our server time updated according to daylight savings time and fell back an hour.  The report scheduler, however, is sending out reports an hour early instead of using the server time.
Completed
Last Updated: 21 Oct 2020 12:15 by ADMIN
Release R3 2020 SP1
Users which only have access to their own categories can see the categories of the other users when they perform filtering - see the attached image.
Completed
Last Updated: 21 Oct 2020 12:15 by ADMIN
Release R3 2020 SP1
We have done a security analysis and we found that there are some vulnerabilities with the default Telerik reports project as below.

Poor Error Handling: Unhandled exception

Error pages containing stack traces were found on these pages:
https://reports.abc.com/Account/ForgotPassword POST parameters: __RequestVerificationToken, Email
https://reports.abc.com/Account/Login POST parameters: __RequestVerificationToken, Username, Password, RememberMe, ReturnUrl https://reports.abc.com/api/reportserver/documents/C$39cae14f81d$9809a8279f1$72d6f30af5b7ed1809a23e

Stack traces are call chains of line numbered source code that usually result from unhandled exceptions. Unhandled exceptions are circumstances in which the application has received user input that it did not expect and doesn't know how to deal with. In many cases, an attacker can leverage the conditions that cause these errors in order to gain unauthorized access to the system. Recommendations include designing and adding consistent error-handling mechanisms that are capable of handling any user input to your web application, providing meaningful detail to end-users, and preventing error messages that might provide information useful to an attacker from being displayed.
Completed
Last Updated: 21 Oct 2020 12:15 by ADMIN
Release R3 2020 SP1
Having debugging turned on comes at a significant performance cost.
Completed
Last Updated: 21 Oct 2020 12:15 by ADMIN
Release R3 2020 SP1

There are vulnerabilities in the Report Server related to Cross-Site Scripting.

Under Review
Last Updated: 19 Oct 2020 18:23 by ADMIN
Currently the accessToken expires in 30min and cannot be controlled. Please, make this expiration time configurable.
Unplanned
Last Updated: 1 Oct 2020 07:57 by ADMIN

Getting this error in the browser when trying to preview a report:

Error registering the viewer with the service.
An error has occurred.
Incorrect value (null) deserialized. Make sure you are using CacheStorage inside single-instance application deployment only.

A possible reason is the cache for the Report Server used for previewing reports has become corrupted. A workaround is explained in the Telerik.Reporting.Cache.CacheStorage.AddInSet NullReferenceException KB article.

It will be very convenient for the user to be able to clear the cache directly from the Report Server Manager UI.

Completed
Last Updated: 17 Sep 2020 03:59 by ADMIN
Created by: Greg
Comments: 3
Type: Feature Request
29
In many cases one can't simply ask users to download an installed report builder. The reports should be buildable in a web based tool.
Completed
Last Updated: 16 Sep 2020 13:21 by ADMIN
Release 2020 R3

It seems that when you try to open two tabs in the same browser looking at different websites, the browser gets confused about the URL that is sending the request. Issue is related to CORS protocol and HTTP caches.

It sounds like something needs to be changed on the report server so that even if it gets cached it would still allow access when I switch sub domains.  Or something on the viewer side to clear the cache.

Completed
Last Updated: 14 Aug 2020 13:00 by ADMIN
Release 2020 R2 SP1 (Latest Internal Build)
Upgrade to R2 2020 (6.1.20.513) or R2 2020 SP1 (6.1.20.618) fails when the storage contains invalid DateTime values (An invalid time falls within a range of times for the current time zone that cannot be mapped to Coordinated Universal Time (UTC) due to the application of an adjustment rule. Typically, invalid times occur when the time moves ahead for daylight saving time)
Unplanned
Last Updated: 13 Aug 2020 13:39 by ADMIN
Created by: Cedric
Comments: 2
Type: Feature Request
1

The Whitelabeling option are extremely limited.

I would like to see more customization available like removing the sidebar completely, or based on user settings / roles - as well as the top title bar (where logo is).

Customizable themes would go a long way.

Being able to integrate the existing report server pages into our own website would cut down on a lot of work.

 

Planned
Last Updated: 4 Aug 2020 14:27 by ADMIN
The Migration tool updates the source storage instance to its own version prior to migration process. This might cause issues in scenarios where an older version of Report Server storage is used in production and the migration is performed using a newer version of Migration tool. The tool must show a confirmation dialog and wait for input from user before modifying the source storage.
Pending Review
Last Updated: 28 Jul 2020 15:33 by ADMIN
The Scheduled Task and Data Alert definitions should have the option to allow copying the generated report on some predefined path.