Sonja_Bauernfeind
Digital Support

Hello Qlik Admins and Developers,

The next major Qlik Sense Enterprise on Windows release is scheduled for November 2024. The update will introduce changes that will have an impact on the following add-ons:

  • Qlik Alerting (link)
  • Qlik Sense Mobile client-managed (link)
  • qlik-cli (link) Upgrade to v.2.25.0 or higher
  • qlik/api (link) Upgrade to v1.12.0 or higher
  • Qlik Sense .NET SDK (link) Upgrade to v16.8.0 or higher

The changes affecting the add-ons are:

  • Extended CSRF protection to Websocket requests
  • Adding support for CSRF to add-on products

New versions of all affected add-ons were made available before or in November of 2024.

Please plan your upgrade accordingly to prevent interruptions:

If you upgrade to Qlik Sense Enterprise on Windows November 2024, all listed add-ons must be upgraded as well. 

 

Thank you for choosing Qlik,
Qlik Support

 

38 Comments
Klaus75
Partner - Contributor II

@howdash you need to use QPI before and unbundle and update PostgreSQL to 14.8 (which is the required version since QS Aug. 2023 already). The bundling was never a good solution in the first place and the unbundling (before QPI 1.3) caused more trouble than necessary.

0 Likes
4,351 Views
howdash
Contributor III

Thanks for the reply @Klaus75 and fair point.

To clarify my question, I'm curious what behavior should be expected when upgrading from a version of Qlik Sense that's running on PostgreSQL version 14.8 vs. version 12.5.

For context, it's still possible to upgrade to Aug. 2023 and newer while using bundled PostgreSQL 12.5, but there's this warning message recommending that PostgreSQL is updated:

upgrading may 2021 to may 2024 - possible with warning.PNG

Notice that the Next button is available. If clicked, the upgrade process will let a newer version of Qlik Sense be installed on top of PostgreSQL version 12.5.

However, if I'm upgrading a Qlik Sense version that is using version 9.6 of PostgreSQL, the upgrade process shows an error message and will not let the upgrade process proceed until PostgreSQL is upgraded:

not able to upgrade to may 2024 becauls of v9.6 of postgresql.PNG

Notice that the Next button is grayed out.

To rephrase my question, will we start seeing the same message for Qlik Sense servers that are using bundled PostgreSQL version 12.5 as we are currently seeing with bundled PostgreSQL version 9.6? Meaning, no possible upgrade of Qlik Sense until PostgreSQL is upgraded, or will we still be able to upgrade to Nov. 2024 but we'll see the warning message recommending that PostgreSQL should be upgraded?

0 Likes
4,330 Views
Sonja_Bauernfeind
Digital Support

Hello @howdash 

These changes mentioned here do not affect PostgreSQL. For PostgreSQL versions (what is supported and what is not based on each release) please review the System Requirements, which includes the requirements for November 2024 upon release. 

All the best,
Sonja 

0 Likes
4,280 Views
Sonja_Bauernfeind
Digital Support

@mountaindude @fmarvnnt 

Hello,

I've received additional information for you:

Qlik Sense Enterprise Client-Managed Update for CSRF Token Retrieval in Enigma.js

Change Summary: An upcoming change to Qlik Sense Enterprise client-managed requires users of the Enigma.js framework to retrieve a Cross-Site Request Forgery (CSRF) token before connecting to the Qlik Engine. This is necessary when using embedded applications and auth patterns such as JWT (JSON Web Tokens) on the client-managed site.

Key Changes:

CSRF Token Retrieval: Users must fetch a CSRF token from the Qlik Sense site before initiating a WebSocket connection. This can be done using a function to retrieve the token from the endpoint /qps/csrftoken.

Example code for retrieving the CSRF token:

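```js
// Request a CSRF token from the proxy, authenticating with the JWT.
const getCsrfToken = async (host, auth) => {
  const res = await fetch(`${host}/qps/csrftoken`, {
    headers: { Authorization: `Bearer ${auth}` },
  });
  // The token is returned in a response header, not in the body.
  return res.headers.get('QLIK_CSRF_TOKEN');
};
```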

Modify WebSocket Connection:

The CSRF token should be appended to the WebSocket connection URL as a query parameter when creating a new socket.

Example connection configuration:

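```js
// csrfQuery is the query-string fragment carrying the token returned by
// getCsrfToken; schema, senseHost, proxyPrefix and signedToken are defined elsewhere.
const config = {
  schema,
  url: `wss://${senseHost}/${proxyPrefix}/app/engineData${csrfQuery}`,
  // The JWT is still sent as a bearer token on the WebSocket handshake.
  createSocket: (url) => new WebSocket(url, {
    headers: { Authorization: `Bearer ${signedToken}` },
  }),
};
```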

Customer Action Required:

Add a step to retrieve the CSRF token before making engine connections. Pass the CSRF token as part of the WebSocket URL in the connection configuration.

4,279 Views
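
An added example (not Qlik's code and not part of the post above) that hardens the two snippets: it rejects a non-2xx token response such as the 400 reported later in this thread, accepts either header spelling that appears on this page, and URL-encodes the token. The query parameter name `qlik-csrf-token`, the host `sense.example.com` and the stub server are assumptions; take the real parameter name from Qlik's documentation.

```javascript
// Added example, not Qlik's code. The header names are the two spellings that
// appear on this page; the query parameter name is supplied by the caller.
const TOKEN_HEADERS = ['QLIK_CSRF_TOKEN', 'qlik-csrf-token'];

// Fetch the CSRF token. fetchImpl is injectable so the logic runs offline.
async function getCsrfToken(host, jwt, fetchImpl = fetch) {
  const res = await fetchImpl(`${host}/qps/csrftoken`, {
    headers: { Authorization: `Bearer ${jwt}` },
  });
  if (!res.ok) {
    // Surface the failure instead of silently connecting without a token.
    throw new Error(`CSRF token request failed: HTTP ${res.status}`);
  }
  for (const name of TOKEN_HEADERS) {
    const value = res.headers.get(name);
    if (value) return value;
  }
  return null; // the server issued no token in either header
}

// Build the engine URL and append the token as an encoded query parameter.
function buildEngineUrl(senseHost, proxyPrefix, csrfToken, paramName) {
  const path = [proxyPrefix, 'app', 'engineData'].filter(Boolean).join('/');
  const url = new URL(`wss://${senseHost}/${path}`);
  if (csrfToken) url.searchParams.set(paramName, csrfToken);
  return url.toString();
}

// Constructed stub standing in for the Qlik proxy (sample data, not real output).
const stubFetch = (token, status = 200) => async () => ({
  ok: status < 400,
  status,
  headers: { get: (n) => (n.toLowerCase() === 'qlik-csrf-token' ? token : null) },
});

// Offline walk-through: fetch the token, then derive the WebSocket URL.
async function demo() {
  const token = await getCsrfToken(
    'https://sense.example.com/jwt', 'constructed.jwt.value', stubFetch('tok/1+2='));
  return buildEngineUrl('sense.example.com', 'jwt', token, 'qlik-csrf-token');
}
```

The string returned by `buildEngineUrl` is what goes into the `url` field of the enigma.js configuration shown in the post.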
MindaugasBacius
Partner - Specialist III

What is changing regarding 

  • Qlik Sense Mobile client-managed (link)

As in the Apple Store is the same application 1.26.0 that had an update 2 months ago.

0 Likes
3,787 Views
StephanieR
Luminary

Hello do we have any update on when the November release will drop? 

0 Likes
3,610 Views
David_Friend
Support

It's anticipated to be tomorrow.

0 Likes
3,571 Views
Benoit_C
Support

Hello @StephanieR ,

The release is now available on the download page.

https://community.qlik.com/t5/Download-Qlik-Products/tkb-p/Downloads

Regards,
Benoit

3,452 Views
chrisbrain
Partner - Specialist II

Hi - Could we get some more detail please about the csrf requirement for websocket?

[1] When I run a GET request in postman to:

${host}/qps/csrftoken

With an:

Authorization: `Bearer ${JWT}`

header I get a '400The http request header is incorrect.'. What header(s) am I missing?

[2] What is the equivalent for username/password auth? Previously as far as I can see the websocket was established immediately and it returned the 'loginUri' which was then used to establish the authenticated connection.

[3] On this page https://community.qlik.com/t5/Release-Notes/Sense-Enterprise-on-Windows-release-notes-November-2024-... 

These headers are mentioned:

  • Access-Control-Allow-Origin: https://localhost:8080
  • Access-Control-Allow-Credentials: true
  • Access-Control-Expose-Headers: qlik-csrf-token

Are these only for browser based integrations?

 

3,253 Views
jchoucq
Partner - Creator III

Thank you @Sonja_Bauernfeind for the information!

Could this have an impact on the Geo Analytics connector? We're experiencing an access problem after migration, but maybe that's a coincidence!

All the best
Johann

2,375 Views