Campfire Changelog


  • Sanitize OpenGraph content to prevent XSS attacks.
  • Improve system font stack on Windows.
  • Improve appearance and behavior of scroll bars on Windows.
  • Prevent signature verification errors with @mentions when restoring backups between different devices.
  • Isolate message rendering failures to ensure a problematic message does not prevent the rest of the room from rendering.
  • Fix a bug where the share button links use “” instead of the application’s domain.
  • Accessibility improvements.
  • Ensure syntax highlighting is not lost when a message is edited.
  • Validate content type of OpenGraph images before rendering.
  • Disallow image tags in message body in order to guard against malicious image payloads.
  • Fix an issue where the sidebar tools is blurred in Safari 17.3.


Features & changes:
  • Add automatic syntax highlighting for code blocks.
  • Add an up-arrow shortcut to edit your last message.
  • Bot API: include room and message paths in webhook payload.
  • Accessibility improvements.
  • Use Thruster gem, rather than vendored version.
  • Add smaller logo variant in application manifest.
  • Ensure attachment filename is properly escaped when displayed during upload.
  • Ensure only a single connection refresh timer runs at a time.
  • Fix issue where opening the app would not reliably return to the last visited room.
  • Guard against DNS rebind attacks when creating link previews.
  • Use unguessable tokens in avatar URLs to prevent discovery via enumeration.
  • Ensure messages scroll fully into view when editing in Chrome.
  • Don’t broadcast room updates to users who aren’t members of the room.


Fix confusing iconography in flash messages.


  • Add the Chat Bot API: you can now create chat bots for your Campfire instance using a simple HTTP API for sending and receiving messages and attachments.
  • Add Custom CSS: you can now enter your own CSS styles to modify the appearance of your Campfire instance.
  • Add a warning style to messages that fail to send due to network or server errors.
  • Improve accessibility of alert messages.
  • Improve appearance and handling of messages with link previews.
  • Order search results by recency.
  • Improve appearance of @mentions in messages.
  • Ensure users who are removed from a room are disconnected from it immediately.
  • Ensure starting a Ping with someone moves their avatar to the front of the list.
  • Fix an issue where attempting to change a password on Safari caused the form to submit unexpectedly.
  • Fix an issue where Campfire join URLs displayed incorrectly in Apple Messages.
  • Add a copy permalink button to the message action menu.
  • Add download and share buttons to non-image attachments.


  • Improve handling and appearance of link previews in chat messages.
  • Fix an issue where replying to a message may cause a “Content missing” error to be displayed.
  • Restrict autocomplete responses to the rooms each user has access to.
  • Refine behaviour of message actions menu.
  • Upgrade Trix editor for better handling of autocorrected text.


  • Improve design for message actions popup menu.
  • Improve mobile chat layout.
  • Improve design for link previews to display longer excerpts and larger images.
  • Gracefully handle exceptions when generating embedded link previews. Fixes a crash when generating previews for links with invalid OpenGraph metadata.


Escape name in autocomplete user response. Fixes an XSS vulnerability in Campfire’s autocomplete handler.


Campfire goes live.


What’s included?

How do we get it?

After you purchase, we’ll email you a private download link that includes everything you need.

Review all of the FAQs prior to purchase. If anything isn’t clear, just email us.