Verj.io V5.10.0 released

Check for important Verj.io announcements such as version, service packs and patch releases, event dates, etc

Moderators: Jon, Steve, Ian, civanderputt, Dave

Steve
Moderator
Moderator
Posts: 414
Joined: Fri Sep 07, 2007 3:44 pm
Location: Sandy, UK
Contact:

Verj.io V5.10.0 released

#1

Postby Steve » Wed Oct 06, 2021 8:42 am

Verj.io V5.10.0 is now available and can be downloaded using the links below.

Downloads:
Verj.io Studio Links:
Windows 64 bit: https://downloads.verj.io/verjio/v5.10. ... _win64.exe
Linux 64 bit: https://downloads.verj.io/verjio/v5.10. ... x64.tar.gz
Mac: https://downloads.verj.io/verjio/v5.10. ... _0_mac.dmg

On-premise Server Links
Windows 64 bit: https://downloads.verj.io/verjio/v5.10. ... _win64.exe
Linux 64 bit: https://downloads.verj.io/verjio/v5.10. ... x64.tar.gz


Changes:
Here is a summary of changes introduced in Version 5.10.0:

  1. The Content Security Policy (CSP) header can now be enabled and edited in Form Properties and the Form Property Defaults section of a Presentation Template. CSP provides an additional layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement to distribute malware. CSP support is disabled by default and can be activated in Form Properties or the Presentation Template.
    The output from all Verj.io controls, layouts and presentation templates is CSP compliant by default. However, developers should be aware that the configuration of inline CSS and inline Javascript can cause CSP violations which will prevent a page being displayed.
  2. Several new File Upload controls have been added and these provide an alternative to the existing file upload mechanism using the form.uploadFileFromBrowser() functions. The new controls provide better customisation and more functionality with events and API methods, to make it easier to create a seamless user experience.
  3. A new Web Resource Access section has been added to the Server Admin App which provides an interface to define a set of permissions required to access Web Resources. This allows more nuanced control over access to files within a web application, utilising existing security permissions.
  4. The Verj.io Studio now allows the developer to customize their own Controls Palette. The Custom Palette allows the developer to organize their most used controls into a tree structure for convenience and efficiency.
  5. The authentication, authorization and general error pages have been changed to .JSP files. They will automatically replace the previous .HTM files when upgrading to 5.10 unless the web.xml file has been modified locally, in which case the web.xml will need to be manually changed in order to point at the new files.
  6. The HttpHeaderSecurityFilter provides protection against XSS and some other attacks. This is included into the web.xml supplied with the product. The filter is not enabled as default, but should be configured for your environment if your server is exposed directly to the internet. See HttpHeaderSecurityFilter]here for more information.
  7. Verj.io Studio memory and performance fixes.
  8. Security Fixes:
    • Verj.io Server JQuery version updated to v3.5.1 which includes fixes to XSS vulnerabilities. Click here for more details.
    • Http Cookie security updates when using server scripting client.addCookie():
      • If the connection is secure (HTTPS), the cookie is automatically set to Secure. The cookie value is only sent over a secure connection.
      • The cookie attribute HttpOnly is automatically added to the cookie. This attribute prevents XSS attacks by preventing scripting API’s from accessing the cookie value. This attribute can be overridden and switched off in the Server Admin App (Server Properties -> General Properties).
    • The LDAP protocol using LDAPServices defaults to using LDAPS unless otherwise specified in the Server Admin App (Server Properties -> Security Properties).
  9. Verj.io Studio memory and performance fixes.
  10. And many other bug fixes and enhancements!

Release notes and installation instructions:
See the V5.10 Readme
0 x

Who is online

Users browsing this forum: No registered users and 7 guests