v1.0.6
🔐 Sidecar CX v1.0.6 Release: Enhanced Security & Custom Widget Mounting
We're excited to announce the release of Sidecar CX v1.0.6, bringing important security enhancements, greater flexibility for widget placement, and updates to third-party dependencies to keep your installation secure and up to date.
🛡️ Strengthened Security with CSRF Protection
Security is always a top priority at Sidecar CX, and with this release, we’ve added Cross-Site Request Forgery (CSRF) protection to further safeguard your application.
What is CSRF?
CSRF is a type of attack where an attacker tricks an authenticated user into making unintended requests on a trusted site. This can lead to unauthorized actions being performed on behalf of a user without their consent.
How Does This Update Help?
- Prevents unauthorized requests from malicious websites that try to exploit active user sessions.
- Ensures your interactions with Sidecar CX remain secure by verifying that every request comes from a legitimate source.
- Protects both cloud and self-hosted environments, providing an extra layer of defense.
With this update, your Sidecar CX deployment is more secure against external threats, giving you peace of mind.
🎨 Custom Widget Mount Points for Greater Flexibility
We've introduced custom mount points for Sidecar CX widgets, giving you full control over where and how they appear on your site.
What’s New?
- You can now define a specific
divelement where the AI-powered widget will be inserted. - Use your own CSS styling to seamlessly integrate the widget into your site’s design.
- More control over placement—instead of a default floating widget, you can embed it anywhere on the page.
How to Use It
- Create a
divelement with anidof your choice in your HTML.<div id="custom-widget-container" /> - Style it with CSS to match your site’s design.
#custom-widget-container {width: 100%;height: 600px;max-width: 400px;margin: 20px auto;}
- Tell Sidecar CX to mount the widget to your
div.<scriptsrc="http://ai-agent.sidecarcx.local:4200/search-widget.js?id=<YOUR_AGENT_ID>&mount=custom-widget-container"async></script>- NOTE: For the AI-powered Chatbot Agent, providing a mount point will disable the floating
chat button and will instead mount the Chatbot directly into the custom
div.
- NOTE: For the AI-powered Chatbot Agent, providing a mount point will disable the floating
chat button and will instead mount the Chatbot directly into the custom
This update gives you the power to fully customize your AI Agent’s placement while maintaining a cohesive look and feel for your brand.
🔄 Security & Performance Updates to Dependencies
To ensure Sidecar CX remains fast, secure, and reliable, we’ve also updated our third-party dependencies to their latest versions. These updates bring:
- Security patches to prevent vulnerabilities.
- Performance optimizations for a smoother experience.
- Improved stability across cloud and self-hosted environments.
Keeping dependencies up to date is a critical part of maintaining a secure platform, and we’re committed to ensuring Sidecar CX remains a safe and efficient solution for all users.
🚀 How to Get This Update
This update is now available for both Cloud and Self-Hosted environments. Updates to the cloud are automatic. For Self-Hosted, to ensure you’re benefiting from the latest security and functionality improvements, check out our updated installation and upgrade documentation:
🔮 What’s Next?
We’re always working on new ways to improve Sidecar CX, with upcoming releases focusing on even more customization, expanded AI Agent capabilities, and enhanced analytics to help you get the most out of your content.
Thank you for being part of the Sidecar CX journey! If you have feedback, questions, or feature requests, we’d love to hear from you.
— The Sidecar CX Team