168 Views

1. Magento 2.4 vs 2.3: Stronger Security

  • Magento 2.4 version provides 30+ fixes over security issues to protect the account against remote code execution (RCE) and cross-site scripting (XSS).
  • Access to Magento Admin UI now requires Two-factor authentication (2FA) from all devices.

Others security improvements worth noting:

  • Template filter strict mode is now enabled by default. The Magento team must have realized the security flaws of template filters in legacy mode. Changing the default setting to strict mode is expected to stop any attempts to remote code execution (RCE).
  • No more Data rendering for UI data providers. The permanent removal of this feature in default is promised to eliminate any malicious execution of arbitrary JavaScript from outside.
  • A new \Magento\Framework\Escaper class is now available. Both .phtml templates and the PHP classes responsible for generating HTML are now provided with the new class.
  • New security.txt file. Magento 2.4 also supports a new security.txt file. It is known as an industry-standard file on the server that collects reports on security issues from researchers to sites admins.

Optimize Your Magento Store With Powerful Extensions

Looking for fast, efficient and well-coded extensions to build or optimize your Magento stores for sales boosting

2. Magento 2.4 vs 2.3: What’s new in platform upgrades?

  • Support for PHP 7.4 and deprecation of PHP 7.1 and PHP 7.2
  • Support for PHPUnit 9.x and deprecation of PHPUnit 6.5
  • Elasticsearch 7.6.x. Elasticsearch 7.6.x is chosen as Magento’s default catalog search engine. Any installation or upgrade to Magento 2.4.0 will also require the installation of Elasticsearch 7.6.x. Read more about Elasticsearch here.
  • MySQL 8.0 support. The latest version of Magento will provide better performance, security, and reliability thanks to MySQL 8.x.
  • Removal of MySQL catalog search engine. MySQL is replaced by Elasticsearch. Installation of Elasticsearch 7.6.x is necessary before upgrading to Magento Commerce or Magento Open Source 2.4.0. Read Check the catalog search engine to work it out.
  • MariaDB 10.4 support. Followed by the support for MySQL 8.0 is MariaDB 10.4. Magento experts encourage merchants to deploy MariaDB 10.4 for its high performance and reliability.
  • Migration of Zend Framework to the Laminas Project
  • Decomposition of Magento Controllers
  • Removal of the core integration of the Signifyd fraud protection code. Signifyd Fraud & Chargeback Protection extension is the alternative.
  • Removal of core Brainee module. Check Braintree Payments to see new features.

3. Magento 2.4 vs 2.3: Infrastructure Improvements

  • Deprecation of Magento core payment integrations
  • Support for partial-word search for Elasticsearch
  • PayPal JavaScript SDK upgrade
  • Deprecation and removal of the Web Setup Wizard
  • Composer update plugin
  • Seller-assisted shopping

4. Magento 2.4 vs 2.3: Performance Improvements

  • Improvements to customer data section invalidation logic
  • Multiple optimizations to Redis performance
  • Improved caching of results of SQL queries to inventory tables
  • Improvement of up to 25-30% to Quick Order add-to-cart performance.

5. Magento 2.4 vs 2.3: New Adobe Stock Integration

Media Gallery now allows merchants to license stock image preview. So less steps are taken, unlike Magento 2.3.

6. Magento 2.4 vs 2.3: New Features of GraphQL

  • pickupLocations query supports the Inventory In-store pickup feature.
  • categories query helps create a list of categories after a specified filter is applied.
  • After logging in, an user can add all previously-ordered items into their cart with reorderItems mutation.

7. Magento 2.4 vs 2.3: Latest PWA Studio Version

Magento 2.4.0 is compatible with PWA Studio 7.0.0. Check this PWA Studio 7.0.0 Release to understand its complete features. Check the Magento full list of compatibility here.

8. Magento 2.4 vs 2.3: New Media Gallery

The New Media Gallery shows a fresh, search-friendly interface. According to Magento, the speed of the latest gallery version is up to 30x faster for searching, filtering and sorting images compared to its forerunner. Merchants should also acknowledge that extensions once deployed for Media Gallery will not work completely the same for New Media Gallery.

9. Magento 2.4 vs 2.3: Better Inventory Management

  • Support for in-store pickup. The instore-delivery method allows users to select a source as pickup location during checkout.
  • Support for bundle products with multi source mode.

Fixed Issues

Magento 2.4 core code no longer has its predecessors’ issues. In this post, we have collected 10 salient elements behind the massive fix that no merchants should miss. For any of you who want to check the full list, please refer to this Official announcement of Magento 2.4.

1. Backend

  • Admin can now preview Email templates (Admin > Marketing > Communications > Email Templates) after enabling JavaScript minification. No more empty popup window issue as before.
  • Administrator accounts with restricted permissions can now access the Admin. Previously, this was impossible because the log-in link navigated to a 404 storefront page.
  • Duplicated products no longer lead to duplicate SEO data (URL key, meta title, meta keywords, and meta description).
  • Magento users can delete images created from Admin > Content > PagesAdd New Page without errors.

2. Cart and checkout

  • There are no errors during checkout when the Synchronize with Backend configuration setting is enabled.
  • Radio buttons for shipping methods are added into the checkout flow.
  • After merchants choose multiple addresses to ship an order and enable Terms and conditions with the Applied Manually setting, the order review page in the checkout workflow still loads as usual. No 404 page.
  • The spinning icon is now included in the price updating process of the cart.
  • A message will inform customers about out-of-stock products in mini carts before checkout. After this item is removed, Proceed to Checkout button will appear instantly.
  • Instead of a blank page, an informative error message will let customers know when they can’t use Order by SKU option due to corrupted file upload.
  • The cart price rules don’t apply to the whole products within a bundle but only to child products that match the criteria rules.
  • StorefrontMiniCartSection has been replaced byStorefrontMinicartSection in MFTF tests.
  • The shipping address form now has no Hard coded references to the country selector component.
  • In Internet Explorer, when the cursor hovers over the Delete icon in the shopping cart, it has no underlines as before.
  • When users select the same address for both billing and shipping address, changes in the billing street doesn’t affect shipping address.
  • The promotion region of the mini cart is modified as requested.
Optimize your cart and checkout with these extensions:

1. Magento 2 Checkout Success Page Builder: allows you to build professional Magento 2 checkout success page using drag and drop.

2. Magento 2 Ajax Cart Pro Extension: helps customers continue shopping without having to wait for pages to reload after every time adding items to cart or removing items from the cart.

3. Magento 2 Order Attributes Extension: allows you to add additional attribute fields to the checkout page so that customers can leave their extra information of their order.

3. Catalog

  • Users can change the name of a tiered product that is included in a scheduled update without errors.
  • Users can save Custom attribute values from the Admin.
  • The Recently View Products is only displayed when Stores > Configurations > Catalog > Recently Viewed/Compared Products > Show for Current is set to store view.
  • Product images remain its aspect ratio in the mini cart without being stretched to fill the whole image container.
  • The getBasePrice function now returns a float value rather than a string.
  • The product compare feature accurately displays products according to the current user’s compare list.
  • You can now assign a default watermark to a theme without a fatal error.
  • You can edit a configurable product with many subproducts (approximately 5,000) without errors.
  • Alphabetical order is now applied for sorting on attribute sets on Admin > Catalog > Products
  • Using an invalid price to filter products on the Category page no longer results in an error.
Gain Customer Insights with Magento 2 Customer Attributes

4. Customer

  • If customers firstly subscribe to newsletters as a guest and then register for a new account, their subscriptions still exist.
  • A new PHPSession is used every time a password is changed.
  • To successfully associate a customer with a particular website, you can use the Associate to Website dropdown menu on Customers > All Customers > Add new Customer.
  • For better checkout workflow, Magento automatically updates the default billing or shipping addresses in the My Account section when customers use invalid payment info and get declined but later complete the purchase.
  • After you enable cron and set Update By Schedule for Customer Grid indexer, customer data can be imported successfully by the Customer and Addresses (single file) option.
  • Previously you cannot create a new customer when date of birth is required even though you enter a valid date. Now you can.
  • When you create a new customer from Admin, it now has default customer group setting.
  • When a customer log-out and then log-in again, the PHPSessionId is changed.
  • When a customer adds a product to their cart from a non-default website, the product is now displayed in the Admin. Previously, it wasn’t displayed even when Share customer account was set to Global.
  • From the Admin, you will only view the products customers put into their cart, not the full product list in catalog.
  • There are no errors when you edit the date of birth of a customer from the Admin.
  • There’s no need to fill in the email field when placing an order from the Admin.
  • In mobile view, from the My Account dashboard, email address values are accurately displayed.
  • The registration request is submitted only once no matter how many times you click the Create an Account button on the customer registration form.
Note: If you want to gain customer insights and then deliver exactly what they need, discover Magento 2 Customer Attributes and Customer Segmentation extension.

5. Email

  • When customers request a return, an authorization email with expected RMA status is sent to them instead of an empty string.
  • When customers report a forgotten password in multi-site deployments and their accounts are shared globally, they can still stay on the current site. Previously, they were redirected to where they created their accounts.
  • When customers receive an order confirmation email, they will see the list of ordered items. Previously, when this email is generated from default template in the Admin, the list wasn’t included.

6. Images

  • Category images are now saved in pub/media/catalog/category as it should be instead of pub/media/catalog/tmp/category as before.
  • When a bigger watermark image overlays a smaller product image, the product image is still visible.
  • When you save an image to a category from the Admin, the image URL still remains the same and you can reopen it.
  • .png images can be uploaded and displayed successfully.
  • You can make an image thumbnail by using REST and no errors occur.
  • You can add your own custom attributes to images generated by Block\Product\ImageFactory successfully.
  • When you view a storefront from an iPhone, you can see the images displayed as expected. No more blurred or distorted images.
  • When the Magento_blank theme is used, you can now see the default store logo on the storefront.

7. Orders

When the website display settings specify that taxes should be excluded, order summary subtotals no longer display excluded taxes. Before, the defined setting in server variables was used for stores in multiple websites despite the store-level configurations.

8. Sales

  • When an order is completed, it is displayed in the payment system and now also in Magento. Previously, there was no display in Magento.
  • Magento now honors a customer’s default shipping address given that Same As Billing Address setting is enabled by default.
  • Refunds for orders with discounts are now calculated correctly.
  • When a new customer creates an order in multi-site deployments, it will be assigned the correct Group ID, not from the default customer group.
  • Administrators with limited permissions can view an order (including invoice and shipments) from the Order pages without errors.
  • When the number of a product added to the cart is bigger than half of the existing product stock but smaller than the total stock, customers can still proceed successfully.
  • When there’s only 1 product left in the stock, you can add that product to the cart from the Admin without errors.
  • Instead of a report page, Magento notifies you with a message when the product admin tries to re-order has the number of characters exceed the maximum.
  • Refactored layout of the Sales order address information edit form is now matched with Admin form library conventions.
  • The checkboxes now work well on the Products section of the Catalog > Categories.
  • Re-orders are now disabled as expected when a merchant
  • Merchants can successfully disable re-orders by this config: Admin > Store > Configuration > Sales > Reorder > Allow Order.
  • When you set a custom price for an order in the Admin, getPrice() method doesn’t return a string but a float or null.
  • Instead of a status, a state is displayed in the State Code and Title column of Admin > Stores > Settings > Order Status now.
  • PDF invoices no longer capture the wrong purchase date when created in a GB locale.

 

9. Search

  • Elasticsearch 7.6.x is the new default catalog search engine. To install/upgrade Magento 2.4.0, you need to firstly install Elasticsearch. Check out the link to see what Magento says about the full advantages of this new feature.
  • < and > symbols are rendered correctly in storefront catalog search strings.
  • Products now well show in categories after running cron:run in deployments implementing Elasticsearch.
  • A new product attribute is now searchable on the storefront without full search re-index requirement.
  • When you apply filters for a configurable product, out-of-stock items are no longer displayed.
  • When you click on the search input box on the mobile view of Safari, the viewport is no longer resized.

10. Theme

  • The bug in JsFooterPlugin.php that affected the display of dynamic blocks is now fixed.
  • A string can be added to underscore templates thanks to the i18n method.
  • Refactored section-config module has reduced errors caused by requests from third-party.
  • There’s no more LoadCssAsync HTML format errors