CSSCurrent en:Update from v5.6.0 to v5.7.0
Important Update Notes
In case your language packages have been modified, the attached delta-file delta_english_lp_5.6.0_to_5.7.0.txt can help you to locate the changes in this update and re-apply the modifications. The structure of this file is explained in Language Pack Changes.
Changes in this version
Button to re-generate an auto-generated password
With this button it is possible to re-generate an auto-generated password when the password suggested by the system contains unwanted characters or is too complicated.
Button to copy password to clipboard
With this button it is possible to copy the generated password to clipboard.
Added CSP header
The CSP header helps to detect and mitigate certain types of attacks, e.g. Cross-Site Scripting (XSS). For this purpose CSP header allows the client(browser) to access only certain defined resources. In the default configuration only resources from the server domain are allowed. To allow additional resources, the cryptshare.properties can be used. This can be the case by customizing the user interface (e.g. reference logo from other resources)
Possibility to validate the host header
As before, the Cryptshare Server will respond to HTTP requests regardless of the contents of the 'Host'-header. To protect against Host-Header-Injection-Attacks, the server can be configured to block requests with a Host-header that is not the canonical host of this system.
- Information about deactivated features when changing the license.
- Added logo and title to admin login screen.
- Added link pointing to the download area for language packs.
- Several included third-party components have been updated.
- The Java Runtime Environment has been updated to version 11.0.18.