---

layout: post title: Apache Wicket 9.1.0 released

The Apache Wicket PMC is proud to announce Apache Wicket 9.1.0!

Apache Wicket is an open source Java component oriented web application framework that powers thousands of web applications and web sites for governments, stores, universities, cities, banks, email providers, and more. You can find more about Apache Wicket at https://wicket.apache.org

This release marks another minor release of Wicket 9. We use semantic versioning for the development of Wicket, and as such no API breaks are present breaks are present in this release compared to 9.0.0.

Using this release

With Apache Maven update your dependency to (and don't forget to update any other dependencies on Wicket projects to the same version):

{% highlight xml%} org.apache.wicket wicket-core 9.1.0 {% endhighlight%}

Or download and build the distribution yourself, or use our convenience binary package you can find here:

• Download: http://wicket.apache.org/start/wicket-9.x.html#manually

Upgrading from earlier versions

If you upgrade from 9.y.z this release is a drop in replacement. If you come from a version prior to 9.0.0, please read our Wicket 9 migration guide found at

• http://s.apache.org/wicket9migrate

Have fun!

— The Wicket team

========================================================================

The signatures for the source release artefacts:

Signature for apache-wicket-9.1.0.zip:

iQIzBAABCgAdFiEE0a6YZHC1pJw+aieyh48B+qjTVuEFAl99/FsACgkQh48B+qjT VuE0kQ//TmQc53B9FrAgSWV8BKFAtxzjAhQiFilWp1/5vLyLZFUYAraQ6DMoH2GR s2JMcbZJGmjplwG2Yy6LGXEksFV9wBTnEA4RGREV06K6ihx7Qm2zjgunZZSswZIr MuLQYMnrXmAM2Qs071b17a5k2Gkw1+CST51KwOUD7u5l7UZOvUcXRL1xTBemOZ9s RMbcbnjesxct3W2ASkGvULE7oHpBXrrDRHbv4mRFjWsSOjoasXJNtKJoUcoVtBnz xwMlN/dZTEJLlj7uG2jW5mqFj+vfWP01UE+XR2HlJmW54puErcGE4+/haAJdvlwe +rP2XNwAAD5rp3jIcpHerBOt7pruWEDhOwaydm0jJvsPh82SibKCmhnlJlxpdJE3 udvMKvU/zcASLHOHZ33wF/JSvO9kCI4LHCEJfYICcNpTktpzNUrhMQkXOVTj3pGS vcFB6/rFWWHxaxtUZKJTCb2tcCN5LMIr1Thcyb5BUCC2ZN8PqNSjI9L6EtzG7Jyd PnkJiJayn6VUVr6WTP+UEVlqPvDTqg/yuhquQmYjz1uYPQS8lL5WpHUvQnmtiJ2S yAeHNJm+pJRxDgs9CIAhAToTM38y09Y/aM2T5R+iOI6u/tLovFWBS8YxUYkUdPHP /9YOBXan7Q1XqBz8W6nfsvrvtbZYhYfU0FOsxcgHK9pGbkxPWnA= =0JCC -----END PGP SIGNATURE-----

Signature for apache-wicket-9.1.0.tar.gz:

iQIzBAABCgAdFiEE0a6YZHC1pJw+aieyh48B+qjTVuEFAl99/FsACgkQh48B+qjT VuE4vQ//ZAhCOuedc/LCKKTQU/uE/nF+i9PcCS/SsFVJbvoCzyVSoSQwQCYbM+E4 kd8YYr8CG1PNpKMyxsNuBEG9ttR8ZCDfEKIVD727y2vLk9L5SefY6/dRanLO/cc0 1rGYwtMfJby//P/pXdjeG6Qta3FHb2AcZtIyzPTFFciIuebccUsM48UDU6HT3weN aKwgr5uUQVInVRV7pEGC0ziRMRkyYRStBLZNioR2BjCV7IxnWdeWTjapD9kAiY5H 2d1J0ItW/4mtohKWiem4JPX1HTf+U2d02qTq2i5ykDKfytoMUvFlIuP0kl7J5K/t NdfOzgcmMgZa+wjy0z46TEEdq63JdRu3Cpy3wkkTy9GF2+6UJdXQ1z9dbGbmNkTy 0WZWGf85s8rekJVwt66TUih6Mlcl1Fb57zOYndrkb/AHB1ehF90JIf/DqLdplfbS fFinL9Q7myeM2GM3uivmR6TF2ZvtCbGfiWQ4DKLTIXJYDsqxTDSDrroxk3j/P64h 1havxw/X45FZsMaoMX7xdVO5drK65LSLpea0OpkHPWr9x0OetI4iQssxpUcoAXj0 OPPZ66Luci/Au9rodmP7bW5X5ttlXxSjkvLRgk2GibD3NpcJHrHLF1UWeDwH5XIJ Bsuw7X2vIgtzu2GCLHoudgGp9yQYXuxI5adnrC9Lyg+BeEQhc+U= =rzeT -----END PGP SIGNATURE-----

========================================================================

This Release

CHANGELOG for 9.1.0:

Bug

• [WICKET-6702] - AsynchronousPageStore with NotDetachedModelChecker - “Not detached model found” exception on several fast sequential Ajax calls
• [WICKET-6802] - FilePageStore writing to UserDefinedFileAttributeView might be null
• [WICKET-6803] - wicket-objectsizeof-agent has no valid automatic module name
• [WICKET-6806] - CSP header response decorator breaks JavaScriptFilteredIntoFooterHeaderResponse
• [WICKET-6808] - Cannot add page to AjaxRequestTarget
• [WICKET-6810] - Asynchronous+encrypted pagestore leads to WicketRuntimeException
• [WICKET-6813] - Setting child-src does not update frame-src after initial assignment
• [WICKET-6818] - NPE in WicketEndpoint onClose
• [WICKET-6822] - AsynchronousPageStore Potential Memory Leak
• [WICKET-6825] - wicket-ioc 9.0.0 throws IAE with JDK14, still includes outdated ASM 7.1.0 in cglib-nodep
• [WICKET-6837] - Jupiter engine transitively included in war file

New Feature

• [WICKET-6805] - Add Cross-Origin Opener Policy and Cross-Origin Embedder Policy support

Improvement

• [WICKET-6786] - CsrfPreventionRequestCycleListener should support Fetch Metadata Request Headers
• [WICKET-6807] - Fake Submitting Button
• [WICKET-6821] - Completely disable CSP support
• [WICKET-6824] - Use concatenation instead of String.format for frequently called methods
• [WICKET-6826] - Improve performance and reduce allocations for Behaviors
• [WICKET-6827] - Improve performance of Strings.join and Strings.replaceAll
• [WICKET-6828] - Wrong tree branch icon with hidden children
• [WICKET-6829] - Use String.isEmpty() instead of "".equals(...)
• [WICKET-6830] - Convert Behaviors into a static utility class to reduce allocations
• [WICKET-6831] - Try to flush the response before detach
• [WICKET-6833] - Reduce allocations when merging page parameters
• [WICKET-6835] - Improve performance of AbstractMapper.getPlaceholder
• [WICKET-6838] - Improve performance of Strings.split