On 17th of April the following was released:
- ISL Conference Proxy 4.4.2424.180 for for Windows 64bit (Platform=win64, Revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15, req_os_version=0x0a000000-0x7fffffff)
- ISL Conference Proxy 4.4.2424.180 for for Linux 64bit (Platform=linux64, Revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15, req_os_version=0x0206200000-0xffffffffff)
Modules
- Administration 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- Audit 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- Authentication 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- Backup 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- Core Login 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- DNS 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- GeoIP 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- Integrator 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- ISL AlwaysOn 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- ISL Groop 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- ISL Light 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- ISL Meeting 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- ISL Pronto 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- Locale 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- NTP 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- PostgreSQL 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- Reports 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- SSL 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- Storage 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
- System Monitor 4.4.2424.180 (revision=183b60daac95f2b3792f0f25a50b60ef0086df15, release_date=2025-04-15)
Translations
- administration_20250415_20250415_081338.translation
- backup_20250415_20250415_081338.translation
- core_login_20250415_20250415_081338.translation
- integrator_20250415_20250415_081338.translation
- isl_alwayson_20250415_20250415_081338.translation
- isl_conference_proxy_20250415_20250415_081338.translation
- isl_groop_20250415_20250415_081338.translation
- isl_light_20250415_20250415_081338.translation
- isl_pronto_20250415_20250415_081338.translation
- reports_20250415_20250415_081338.translation
- ssl_20250415_20250415_081338.translation
Update availability
All updates have release date set to 2025-04-15. Your ESS will need to be same or higher to be able to update your server. This release is available to all countries except Japan.
Upgrading to new version
This are server side updates so hosted service users do not need to do anything.
Server license users please check Upgrading Server License
Improvements
ISL Conference Proxy - Core - Upgrade OpenSSL to 3.0.16 (SECURITY) [ISLCONFPROXY-3439] More
Description
OpenSSL was updated to 3.0.16.
ISL Conference Proxy - Core - Upgrade to libxml2 2.12.10 and libxslt 1.1.42 (SECURITY) [ISLCONFPROXY-3455] More
Description
Libxml2 was upgraded to version 2.12.10. Libxslt was upgraded to version 1.1.42.
ISL Conference Proxy - Administration - Add domain/admin/computer/group/list/1 (FEATURE) [ISLCONFPROXY-2001] More
Description
New webapi method "domain/admin/computer/group/list/1" was registered, which returns list of domain computer groups (not user groups). Session user must be Domain Admin otherwise "insufficient permissions" error is returned.
ISL Conference Proxy - Administration - Add domain/admin/computer/list/1 (FEATURE) [ISLCONFPROXY-2002] More
Description
New webapi method "domain/admin/computer/list/1" was registered, which returns list of domain computers matching given search parameters. Session user must be Domain Admin otherwise "insufficient permissions" error is returned. First entry in "allowed" list is the computer owner.
ISL Conference Proxy - Administration - Add domain/admin/computer/tag/list/1 (FEATURE) [ISLCONFPROXY-2022] More
Description
New webapi method "domain/admin/computer/tag/list/1" was registered which returns list of domain computer tags matching filter. Session user must be Domain Admin otherwise "insufficient permissions" error is returned.
ISL Conference Proxy - Administration - Add support to create/delete computer groups (FEATURE) [ISLCONFPROXY-2668] More
Description
Support to create and delete computer groups was added to Administration. Group can be created in Computer Groups tab with quick view. Computers can be added to computer group only after group was created.
New webapi methods were added:
- "domain/admin/computergroup/create/1": Creates new computer group with given name, owner and members (connect only). Returns public code of the new computer group.
- "domain/admin/computergroup/delete/1": Deletes given computer group. Group is not deleted if it is external or if it still has computers and/or members.
Computers list was added to computer group quick view. Computers can be added or removed from group (confirmation is shown).
New subtab "Computers" was added to Computer Group details page that lists computers in current computer group.
New setting "Create, edit and delete computer groups (domain admin only)" was added to Administration -> Settings -> General.
When this setting is enabled it allows managing the "Computer Groups" tab in Administration. There, the user can view a list of computer groups in their domain, create new groups, change their members and delete existing ones. When this setting is disabled, the user can only view the list of computer groups. Please note that the user must be a domain admin to access Administration (see the "Domain Admin" setting). Setting is enabled by default.
ISL Conference Proxy - Administration - Update "Computers" tab to use latest web GUI elements (FEATURE) [ISLCONFPROXY-2801] More
Description
Computers tab was implemented with latest GUI elements (responsive table, filter builder).
New webapi "domain/admin/computer/list/2" was added to support filtering computers.
New webapi "domain/admin/program/info/1" was added that exposed all versions and platforms for specific program. Webapi uses "internal/utils/program/info/1" to get actual data.
Changes on other tabs:
- Audit
- data column now has "Show more" which expands parsed JSON below
- All tabs
- templates (for filter builder and table) were now merged so only one template is used and needs to be maintained
- hover show/hide actions to create filter
- "Add Filter" dialog focus border now does not make inputs jump/resize
ISL Conference Proxy - Administration - Add export computers list action (FEATURE) [ISLCONFPROXY-2833] More
Description
Option to export all computers in domain with their data was added to Computers tab.
ISL Conference Proxy - Administration - Add computer details page and quick access in table (FEATURE) [ISLCONFPROXY-2844] More
Description
Quick view for computer was added to computer list table.
Computer details page was added, which can be accessed from quick view or click on computer name.
New setting "Edit computers (domain admin only)" was added to Administration -> Settings -> General.
When this setting is enabled it allows managing the "Computers" tab in Administration. The user can change the computer name, assign to a computer group or owner, share computer with user(s) or user group(s) and set tags to the remote computer. When this setting is disabled, the user can only view the list of remote computers. Please note that the user must be a domain admin to access the Administration (see the "Domain Admin" setting). Setting is enabled by default.
ISL Conference Proxy - Administration - Enable computer management view (FEATURE) [ISLCONFPROXY-3001] More
Description
Computers tab was added to Administration pages that allows view, edit and export of all computers registered to a domain.
ISL Conference Proxy - Core - Add support to send email notification to user when creating user account (FEATURE) [ISLCONFPROXY-3028] More
Description
Added a new notification email that is sent when a user account is created. The behaviour can be controlled with two new settings "Account created notification", and "Mail template for account created notification" (both in /conf > Configuration > General > Mail > Templates). The notification is sent when a user account is created via the following methods:
- server administration
- domain administration
- integrator
- SAML login
- external authenticator
ISL Conference Proxy - Core - Remove urlwebsid from login page (FEATURE) [ISLCONFPROXY-3063] More
Description
Removed the "urlwebsid" and "websid" plaintext URL parameters from the login process.
ISL Conference Proxy - ISL AlwaysOn - Remove websid from web pages URL query parameter (FEATURE) [ISLCONFPROXY-3073] More
Description
Usage of "websid" (web session token) on ISL AlwaysOn web pages was replaced with webtoken in session cookie. To support this change, apis for files and actions were moved to /users scope.
ISL Conference Proxy - Integrator - Add mandatory readable name for integration (FEATURE) [ISLCONFPROXY-3088] More
Description
Display name was added to integrators. This field is mandatory and can be displayed to the users. Display name can also be changed.
Field "key_id" which was previously provided by the user, is now generated UUID (this UUID is then used in JWT calls).
Webapi "system/integrator/jwt/add/1" now returns UUID (key) of newly created integrator.
ISL Conference Proxy - Core - Use CPSESSID cookie in webapi2 handler (FEATURE) [ISLCONFPROXY-3101] More
Description
Web session cookie support was added to WebAPI2, meaning clients can now call "/users/webapi2" to use make use of the web session cookie. A new JSON2 format was also added to support this transition, in the following format:
{ "hs": session web token (when not calling /users/webapi2) "pt": post token for the current websession (used to validate the web token extracted from cookie on users scope) "hedata": payload of request (whole body in old JSON1 format) "ignore_cookie": force ignore of web session cookie (optional) }Additionally, usage of web session ID in plaintext was removed from all web pages and "hs" is no longer used in WebAPI2 requests and responses, as all requests now use the new JSON2 format and the "/users/webapi2" endpoint, and web session is controlled through cookie. This applies to v2400 web pages.
ISL Conference Proxy - Core Login - Update confirmation and verification code emails (FEATURE) [ISLCONFPROXY-3149] More
Description
Updated the look of confirmation and verification code emails that are sent when logging in with email set as preferred 2FA method.
ISL Conference Proxy - ISL Pronto - Signed onetime start chat links (FEATURE) [ISLCONFPROXY-3153] More
Description
Added support for locking the start chat flow for ISL Pronto to ISL Conference Proxy, meaning users can only join chats with signed generated chat start links, which can be single- or multi-use. This functionality is disabled by default, and can be enabled with the new setting "Require a valid chat token for the client to start chat" (/conf > Configuration > ISL Pronto > Chat Links). Signed generated chat start links must be created by ISL Conference Proxy, through the new "islpronto/client/chat/link/create/1" WebAPI2 call. This call supports specifying (among other ISL Pronto specific options) an in-token validity in seconds and whether this token is single- or multi-use, and returns a valid link.
Single-use links only allow one client with a valid link to join, being marked as expired after use, while multi-use links allow any client with a valid link to join.
Both types of links must be used within the expiry period, controlled with a new setting "Maximum chat link validity (in seconds)" (/conf > Configuration > ISL Pronto > Chat Links). Additionally, both types of links allow for existing chat refresh or re-join for an additional 24h (by default) after the in-token validity has expired. This grace period can be controlled with a new setting "Chat link grace period (in seconds)" (/conf > Configuration > ISL Pronto > Chat Links).
ISL Conference Proxy - ISL Pronto - Chat transfer system messages (FEATURE) [ISLCONFPROXY-3183] More
Description
System messages upon chat transfer and takeover were added. Messages have the form of: "X wants to transfer the chat to Y", " Y has taken over the chat".
ISL Conference Proxy - Core - Remove v1 template and web pages v1, v2, v3, v4 (FEATURE) [ISLCONFPROXY-3275] More
Description
Support for v1 web template and old web pages (v1, v2, v3 and v4) was removed and pages are no longer served (default web page version will be served instead). Web call "/join" will now redirect directly to "join.html". Some deprecated and no longer used web handlers and XPP expressions were also removed as they were only referenced from now removed web versions.
ISL Conference Proxy - Core, ISL Light - Join session method selector (FEATURE) [ISLCONFPROXY-3297] More
Description
Support for selecting join method for ISL Light session was added to ISL Conference Proxy. New setting "Join session method" was added to /conf -> Configuration -> ISL Light, with following options: "Ask every time", "Join in app" and "Join in browser", with default set to "Join in app". If "Ask every time" is selected, the join page will present the user with two buttons, "Join in App" (will download app/standard flow) and "Join in Browser" (will redirect user to ISL Light Web Viewer). If "Join in app" is selected, the existing standard flow will be used. If "Join in browser" is selected, the join page will present user with one button, "Join in Browser" (will redirect user to ISL Light Web Viewer).
ISL Conference Proxy - Core - Product page URL overrides (FEATURE) [ISLCONFPROXY-3314] More
Description
Added support for XML product page overrides to WA2 call "utils/product_pages/get/1". If XML override setting is set, then it automatically overrides the existing product pages and only overrides are returned upon calling "utils/product_pages/get/1". If level is not set in product page attribute, it is automatically defaulted to 0.
New setting "Product page XML override" was added to /conf -> Web server (where it can be set on server level) and /conf -> Configuration -> Advanced -> Subdomains (to set it on subdomain).
ISL Conference Proxy - Core - CPSESSID_RESTORE session redirect support (FEATURE) [ISLCONFPROXY-3318] More
Description
Added a web session redirect handler with support for restoring a session from a restore token. This allows for more secure redirects without having to involve CPSESSID anywhere.
[INTERNAL] ISL Conference Proxy - Core - Support cmake and perl build flags (FEATURE) [ISLCONFPROXY-3323] More
Description
Support for using flags was added for cmake and perl build files.
ISL Conference Proxy - ISL Light - "Connect in Browser" for Sessions/Computers (FEATURE) [ISLCONFPROXY-3336] More
Description
New option to Start/Open/Resume a Light session via ISL Light Web was added to Sessions pages. "Start New Session" on Sessions page was renamed to "New Session", split button with options: "New Session (default)" and "New Session in Browser (beta)", where "default" is same behavior as in previous versions (downloading ISL Light application) and "beta" starts new session in new tab in browser via ISL Light Web. For an active Light session, new options are "Open in App (default)" and "Open in Browser (beta)". For paused Light session new options are "Resume in App (default)" and "Resume in Browser (beta)"
New setting: "Browser session support" was added to /conf -> Configuration -> ISL Light. Setting is enabled by default. When setting is disabled, only "New Session" button is displayed, using default flow.
New option to Connect to remote computer via ISL Light Web was added to Computers pages. Connect button will now have options: "Connect in App (default)" and "Connect in Browser (beta)".
New setting: "Browser connect support" was added to /conf -> Configuration -> ISL AlwaysOn. Setting is enabled by default. When setting is disabled, only default flow is available.
ISL Conference Proxy - Integrator - integrator/session/restore/create/1 (FEATURE) [ISLCONFPROXY-3346] More
Description
Added a new "integrator/session/restore/create/1" WebAPI2 integrator call, which supports creating a restore token for an active web session.
[INTERNAL] ISL Conference Proxy - Core - Add ISLCP_GJRPC_URL and ISLCP_USERS_WEBAPI2_URL to icptest port mapper (FEATURE) [ISLCONFPROXY-3349] More
Description
ISLCP_GJRPC_URL and ISLCP_USERS_WEBAPI2_URL was added to icptest port mapper. The feature is used in test module.
ISL Conference Proxy - Integrator - Notify on password and email user raw key change (FEATURE) [ISLCONFPROXY-3351] More
Description
Added a new version of the "integrator/user/key/raw/set/2" WebAPI2 call, which also supports the "notify" parameter. Setting this parameter to "true" will notify the user when the "email" or "password" keys are changed in their account, using the standard notification email.
ISL Conference Proxy - Core - Remove "cookie_require_post_token" from web session when inserting with XPP command (FEATURE) [ISLCONFPROXY-3355] More
Description
When a web token is used with the XPP pre-processor "web_session_id" command, the token is downgraded to no longer require a post token.
ISL Conference Proxy - Core - Remove post token required from webtoken when using redirect link with restore websession and set post token required when restoring webtoken (FEATURE) [ISLCONFPROXY-3356] More
Description
When using the session redirect mechanism for restoring sessions, if the original web token requires a post token, it is downgraded, and the restored web token does not require a post token. When using the CPSESSID_RESTORE mechanism for restoring sessions, if the original web token requires a post token, then the restored web token will also require a post token, however, it will still be downgraded, if the user chooses to use it with web pages older than v2400.
ISL Conference Proxy - Core - Support for recaptcha enterprise and automated browser detection/blocking (FEATURE) [ISLCONFPROXY-3360] More
Description
Option to setup recaptcha provided by Google Cloud services was added to ISL Conference Proxy (in previous versions only standalone recaptcha v2 and v3 were supported). New settings were added that can be used to provide required info for Google Cloud recaptcha:
- Project ID - Google Cloud project ID that has reCAPTCHA configured and enabled. This project will be used to assess user actions.
- API key - Google Cloud API key used for authentication that is associated with the current project.
- reCAPTCHA required - This setting controls if reCAPTCHA is required on protected webapis.
- reCAPTCHA site key - The reCAPTCHA key associated with the site or application.
- Fail 2 ban reason codes - List of interpreted reason codes that should be marked for fail 2 ban. Insert reCAPTCHA supported reason codes prefixed with "rc_".
Existing and new settings related to recaptcha were reorganized and grouped. When Google Cloud recaptcha is set up, recaptcha v2 and v3 are not used, even if they are set up. Setting "Fail 2 ban reason codes" can be used to provide list of codes that should be marked for ban when recaptcha assessment detected it - https://cloud.google.com/recaptcha/docs/interpret-assessment-website#understand_reason_codes. For reason codes to be available "reCAPTCHA Standard" or "reCAPTCHA Enterprise" plan must be used.
Specific user action (that is used on frontend when performing assessment) can now be provided with new URL argument "captcha_action". Using actions should result in better monitoring of pages and insight into different web page usage and abuse patterns.
ISL Conference Proxy - Core - SAML setting rules support multiple values for attributes and checks (FEATURE) [ISLCONFPROXY-3368] More
Description
"External authenticator login settings rules", "SAML login settings rules" and login dialog settings rules were extended with support for multiple values:
- key-from-attr supports joining multiple attributes using a separator: "SEPARATOR","ATTRIBUTE" (if separator is not needed, use "")
["key-from-attr","realname","first"," ","middle"," ","last"] /* setting realname will have: */ /* in case middle is empty, setting realname will have: */
- check-key, check-attr, check-in-group support multiple values matching one for success (OR expression)
["check-key","k","v","v2"] /* setting key k value must be v OR v2 */ ["check-attr","a","v","v2"] /* attribute a value must be v OR v2 */ ["check-in-group","g","g2"] /* user must be in group g OR g2 */
ISL Conference Proxy - ISL Light - Add option to send chat content in HTTP events (FEATURE) [ISLCONFPROXY-3383] More
Description
New setting "Send live chat transcripts in HTTP events" was added to /conf -> Configuration -> ISL Light. This setting controls whether HTTP events include live chat transcripts from sessions. The setting also requires "Send live chat transcripts" to be set to "Yes". Setting is disabled by default.
New http event is named "CHAT_CONTENT" and actual content is stored in "text" field.
ISL Conference Proxy - Core - Administration setting SSO username mapping (FEATURE) [ISLCONFPROXY-3385] More
Description
Setting "SSO username mapping" is now available in Administration under "Security > Authentication > Single Sign-On (SSO)".
This setting allows administrators to map a Single Sign-On (SSO) identity provider's username to a corresponding domain username within the organization. The mapping is case-insensitive and restricted to the specified domain.
For example, if you have an existing username "\\example\joesmith" and an SSO username "joe.smith@example.com" in your identity provider, you can configure the "SSO username mapping" to "joe.smith@example.com" for "\\example\joesmith". When the user logs in with "joe.smith@example.com" via your identity provider, they will be authenticated as "\\example\joesmith".
ISL Conference Proxy - Core - Run authenticode on all Go module exe files (FEATURE) [ISLCONFPROXY-3390] More
Description
Build of Go modules was fixed to sign all .exe files. Executables now contain digital signature which should reduce the probability of being incorrectly detected as virus by antivirus programs.
ISL Conference Proxy - Core - Password history tooltips (FEATURE) [ISLCONFPROXY-3391] More
Description
Tooltips with setting details for password history settings were added to /conf -> Security page.
ISL Conference Proxy - Core - Disable organization login layout for language ja (FEATURE) [ISLCONFPROXY-3392] More
Description
When language is set to "ja" (japanese), organization login layout will be disabled in user interface - forced to "Username & Password".
ISL Conference Proxy - Core - Alter password history checking behavior (0=off/1=current/N=N-1) (FEATURE) [ISLCONFPROXY-3394] More
Description
Password history checking behavior was altered in the following way:
- When setting "Password history size" = 0 | password history is disabled (previous version: same)
- When setting "Password history size" = 1 | new password is only checked against the current password (previous version: current + 1 from history)
- When setting "Password history size" > 1 | new password is checked against the current password + N-1 from history (previous version: current + N from history)
ISL Conference Proxy - Administration - Expose password history settings (FEATURE) [ISLCONFPROXY-3395] More
Description
Password history settings (please see ISLCONFPROXY-3048 from previous release for details) are now exposed in Administration pages in "Security" section:
- Password history size
- Maximum password history size (*read-only*)
- Minimum password age (1w 2d 3h 4m 5s)
- Maximum password age (1w 2d 3h 4m 5s)
ISL Conference Proxy - Integrator - Add integrator/session/restore/2 (FEATURE) [ISLCONFPROXY-3405] More
Description
Added a new version "integrator/session/restore/2" WebAPI2 integrator call, which returns some additional data when restoring a web token from a restore token. Compared to the old version, the new version additionally returns the following fields: language, time zone, time zone offset, and session type.
[INTERNAL] ISL Conference Proxy - Core - Add support for "register_webapp_websocket_handler" config json command (FEATURE) [ISLCONFPROXY-3407] More
Description
Added new command "register_webapp_websocket_handler" to moduleapps config.json API.
ISL Conference Proxy - Locale - Improve error handling (FEATURE) [ISLCONFPROXY-3409] More
Description
Made internal changes to the Locale module to better handle and report time zone and timestamp calculation errors. Additionally, several internal consistency checks were implemented.
ISL Conference Proxy - ISL Meeting - Prepare isl_meeting module (FEATURE) [ISLCONFPROXY-3411] More
Description
New module "ISL Meeting" was prepared. New features are not enabled yet.
ISL Conference Proxy - Core - Add support for custom "from" in "internal/utils/email/system/3" (FEATURE) [ISLCONFPROXY-3412] More
Description
New webapi method "internal/utils/email/system/3" was added that compared to previous versions supports custom "from" address for sent emails.
ISL Conference Proxy - Integrator - Return login token from integrator/user/create (FEATURE) [ISLCONFPROXY-3414] More
Description
New webapi (version) "integrator/user/create/3" was added. This webapi can be used by integrators to create new user and also login (generate webtoken) with the same user.
Webapi works same as previous versions but when caller provides "login" argument, caller must have "user_login" permission and then response will contain valid login token for newly created user.
Language for new session is read from "hl/lang" URL argument.
Caller can provide timezone for new session as "tz" argument.
ISL Conference Proxy - Integrator - Add new webapi that checks if main user with specific username already exists (FEATURE) [ISLCONFPROXY-3415] More
Description
New webapi method "integrator/mainuser/exists/1" was added, that can be used to check if main user with given username already exists. Caller must have "check_main_user" permission.
New permission "check_main_user" was added to integrators.
ISL Conference Proxy - Core - Add new test port that has http -> https redirecting disabled (FEATURE) [ISLCONFPROXY-3416] More
Description
When ISL Conference Proxy is in integration testing mode, a new port that has HTTP->HTTPS redirects disabled is opened for the purposes of testing.
ISL Conference Proxy - PostgreSQL - Add option to upgrade PostgreSQL version on demand (FEATURE) [ISLCONFPROXY-3418] More
Description
Support for manual upgrade of PostgreSQL was added. Manual upgrade is required when there is major version upgrade (9.3 -> 16), minor version changes are still upgraded automatically.
When upgrade is possible (postgresql module has new version of PostgreSQL), /conf now shows message on top: "A new PostgreSQL version (16) is available for installation.", together with estimated time and space required for upgrade (based on number of rows in database). Upgrade action looks the same as actions in PostgreSQL installation, two clicks to start upgrade are required, on link "Upgrade to PostgreSQL version 16..." and then on button "Execute".
[INTERNAL] ISL Conference Proxy - Core - Treat unknown flags the same as tagged with resolved (FEATURE) [ISLCONFPROXY-3426] More
Description
Flags that are not mentioned in flags/ folder will be now treated as having a resolved tag during tests. Resolved flags are enabled when "enable_flags" dev flag is enabled. Additionally several new log lines will be logged in case the flag is unknown during runtime: "missing tag information for flag", "unknown xpp flag", "unknown flagpp flag". Each of these messages indicates a problem in the flag registration and should be investigated and fixed.
ISL Conference Proxy - Core - restore_websession_token GRID handler (FEATURE) [ISLCONFPROXY-3429] More
Description
Added support for restoring web session tokens via remote calls when servers are connected in a grid. This affects the internals of "integrator/session/restore/1" and "integrator/session/restore/2" WebAPI2 integrator calls.
ISL Conference Proxy - Core - Improve missing web call exception message & throw instead of abort for missing local call (FEATURE) [ISLCONFPROXY-3430] More
Description
Made minor tweaks to the internals of handling remote calls when multiple servers are connected in a grid.
ISL Conference Proxy - Core - ISL Light Client v3/v4 selector (FEATURE) [ISLCONFPROXY-3433] More
Description
Setting "Desktop client version" was added to "ISL Light" in server administration, it is supported on all levels (server, domain, user). The possible values are:
- Latest (default): select "ISL Light Client" based on regular algorithm - latest (can be also forced https://<icp_server_address>/start/ISLLightClient?isl_light_version=latest)
- v3: select "ISL Light Client" that is tagged with "isl_light_v3=1" header value (can be also forced https://<icp_server_address>/start/ISLLightClient?isl_light_version=v3)
Old releases of ISL Light Client and Desk before 2025-02-06 are tagged with "isl_light_v3=1" automatically.
ISL Conference Proxy - ISL Light - Safe args & cmdline cleanup for ISL Light Web (FEATURE) [ISLCONFPROXY-3434] More
Description
List of allowed safe args for ISL Light was updated to allow ISL Light Web.
ISL Conference Proxy - Core - Remove timeout from moduleapp startup (FEATURE) [ISLCONFPROXY-3446] More
Description
120s timeout exception when starting or restarting a Go moduleapp process was removed and replaced with a critical log line "module app process has not started yet" every 10s.
ISL Conference Proxy - Core - Upgrade jemalloc to version 5.3.0 (FEATURE) [ISLCONFPROXY-3448] More
Description
jemalloc was upgraded from 4.0.4 to 5.3.0 in ISL Conference Proxy for Linux.
ISL Conference Proxy - Core - Upgrade jQuery-UI to 1.14.1 in v2400 (FEATURE) [ISLCONFPROXY-3454] More
Description
jQuery-UI was updated to 1.14.1 on v2400 pages.
ISL Conference Proxy - Core - Add Postgresql DB upgrade progress logs and adjust required free space estimation (FEATURE) [ISLCONFPROXY-3463] More
Description
New logs were added to the process of DB upgrade, providing more details (info log level).
ISL Conference Proxy - Core - Support WebSocket upgrade of existing HTTP connection (FEATURE) [ISLCONFPROXY-3471] More
Description
WebSocket support was improved to allow upgrades to WebSocket even with the preceding HTTP requests on the same TCP connection and not just at the start of a TCP connection. This should also fix connection issues when ISL Conference Proxy is placed behind a load balancer.
ISL Conference Proxy - PostgreSQL - Store exact MAJ.MIN PostgreSQL version in PG_VERSION.isl_exact (FEATURE) [ISLCONFPROXY-3473] More
Description
New version file "PG_VERSION.isl_exact" is now created in "postgresql_data" folder that contains exact/full PostgreSQL installed version.
ISL Conference Proxy - PostgreSQL - Update PostgreSQL to version 16.8 (FEATURE) [ISLCONFPROXY-3474] More
Description
PostgreSQL version packed with PostgreSQL module was raised from version 9.3.25 to 16.8.
ISL Conference Proxy - PostgreSQL - Add progress reports to PostgreSQL activities (FEATURE) [ISLCONFPROXY-3475] More
Description
Progress reports were added to "PostgreSQL activities" for following commands:
- analyze
- vacuum
- create index
Commands in progress are now listed in new tables only when PostgreSQL 16 is installed.
ISL Conference Proxy - Core - Show HTTP frontend information on /handler and improve port 7620 secure flag (FEATURE) [ISLCONFPROXY-3481] More
Description
HTTP frontend information was added to http://<icp-server-address>/handler and https://<icp-server-address>/handler:
- client_address (client IP address)
- handler=TCP:PORT (which port on ICP is used for handling the request)
- secure=0|1 (is the connection considered secure/encrypted, 0 means http:// in base_url and 1 means https:// in base_url)
- base_url=http://...|https://... (the scheme and host for the current request)
ISL Conference Proxy - Core - Log WebSocket upgrades (FEATURE) [ISLCONFPROXY-3484] More
Description
Log lines "HTTP connection WebSocket upgrade" and "HTTP connection WebSocket upgrade failed" were added to "core_http_requests".
ISL Conference Proxy - ISL AlwaysOn - Add origin tags on webapis when changing, migrating or deleting a connection (FEATURE) [ISLCONFPROXY-3495] More
Description
Origin tags were added in logs to webapi methods:
- islalwayson/computer/migrate/1
- islalwayson/computer/delete/1
- islalwayson/computer/update/*
Fields added:
- co_id ... computer connection id being changed
- owner_new, owner_old ... computer connection owner changes
ISL Conference Proxy - Core - Wait for user account to be replicated in loginsso handler (DEFECT) [ISLCONFPROXY-3366] More
Description
In previous versions SSO login sometimes failed, when user account was created on one server and was not yet replicated to Web page server. This was redesigned and web browser now waits until the user account is replicated to the server with web pages.
The defect was fixed.
ISL Conference Proxy - ISL AlwaysOn - Bulk share does not allow sharing of not owned computers (DEFECT) [ISLCONFPROXY-3374] More
Description
In previous versions Bulk share of ISL AlwaysOn computer connections was not possible, if computers were in group and message "Some computers have been omitted - shared computers cannot be edited." was displayed. This was redesigned and Bulk Share modal now lists all computers, not just owned. When share or unshare action is performed on multiple computers, successful updates are listed in success and failed updates in error message. Share now also works correctly for computers that have user groups in shares. Scroller is used when there are too many computers.
The defect was fixed.
ISL Conference Proxy - ISL Light - Do not send "concurrent_limit" message when killing session (DEFECT) [ISLCONFPROXY-3386] More
Description
In previous versions ISL Light module would send "concurrent_limit" message to clients when ISL Light session has been killed. This was redesigned and "concurrent_limit" message was removed as it redundant and makes communication inconsistent.
The defect was fixed.
ISL Conference Proxy - ISL Light - Escape username in transferred session message (DEFECT) [ISLCONFPROXY-3387] More
Description
In previous versions username in the RPC message was not correctly escaped, which could lead to showing incorrect content. This was redesigned and username should now be correctly shown.
The defect was fixed.
ISL Conference Proxy - Core - Max password age lower bound by min (DEFECT) [ISLCONFPROXY-3396] More
Description
In previous version "Maximum password age" could be set to a lower value than "Minimum password age", causing user lockout. This was redesigned and "Maximum password age" is now limited on the lower end with the value of "Minimum password age", which should prevent locking out users.
The defect was fixed.
ISL Conference Proxy - Core - Trim whitespaces from destination email address before sending email (DEFECT) [ISLCONFPROXY-3399] More
Description
In previous versions ISL Conference Proxy would report "mail send failed", when email address contained whitespaces. This was redesigned and whitespace characters are now removed from email address before sending and email should be correctly sent.
The defect was fixed.
ISL Conference Proxy - Modules - Start using /users/webapi2 handler in GoLang modules (DEFECT) [ISLCONFPROXY-3401] More
Description
In previous versions, the old "/webapi2" handler was used for internal communication between ISL Conference Proxy and its modules in some cases. This was redesigned, and all internal communication should now use the new "/users/webapi2" handler.
The defect was fixed.
ISL Conference Proxy - Core - Implement utils/account/property/set/2 to correctly set auto-detect timezone (DEFECT) [ISLCONFPROXY-3417] More
Description
In previous versions, when having a custom time zone set for a user and then setting the time zone to auto-detect, detection would fail and use UTC. The time zone detection process was redesigned and the correct time zone should now be applied in all cases.
The defect was fixed.
ISL Conference Proxy - Integrator - Add missing index for user_id column on integrator_user_jwt_api_access_public_rsa_keys DT (DEFECT) [ISLCONFPROXY-3423] More
Description
Missing index for "user_id" on "integrator_user_jwt_api_access_public_rsa_keys" table was added.
The defect was fixed.
ISL Conference Proxy - Integrator - Add buffered RSA key generator (DEFECT) [ISLCONFPROXY-3424] More
Description
New buffered RSA key generator was added to Integrator module to reduce webapi call time.
The defect was fixed.
ISL Conference Proxy - ISL AlwaysOn - Computer history search does not consider DST when checking if requested time range is allowed (DEFECT) [ISLCONFPROXY-3427] More
Description
In previous versions Computer History search would sometimes fail with "Please use a smaller time range in your search" due to DST (daylight saving time) switch. This was redesigned and DST changes are now taken in account when computing limit and issue should not happen anymore.
The defect was fixed.
ISL Conference Proxy - SSL - Support certificate authorities which do not provide Terms of service link (DEFECT) [ISLCONFPROXY-3432] More
Description
In previous versions SSL module showed error "Could not retrieve terms of service.", when using custom certificate authority, which did not provide link to terms of service. This was now redesigned, because terms of service are optional in ACME protocol and checkbox to confirm terms of service is removed, when link to terms is not provided by certificate authority. Additionally, new text "Please install the SSL certificate to enable secure connections." was added.
The defect was fixed.
ISL Conference Proxy - SSL - Offer to reload page when certificate requested on HTTP (DEFECT) [ISLCONFPROXY-3441] More
Description
In previous version when new ssl certificate was requested from http page and certificate has been successfully issued, next request would fail due to CORS (because scheme changed to https) and "unset message string" error would be shown. This was redesigned and user will be invited to reload page, using https scheme.
The defect was fixed.
ISL Conference Proxy - Core - Fix leak in OpenSSL connection summary log (DEFECT) [ISLCONFPROXY-3449] More
Description
In previous versions OpenSSL connections would sometimes cause memory leak. This was redesigned, summary logging was redesigned and issue should not happen anymore.
The defect was fixed.
ISL Conference Proxy - Core - Custom setting list keys func nullptr check (DEFECT) [ISLCONFPROXY-3459] More
Description
In previous versions ISL Conference Proxy would sometimes crash when uploading a customization and using older versions of Pronto module. This was redesigned, additional checks were added and issue should not happen anymore.
The defect was fixed.
ISL Conference Proxy - Core - Pass ciphers global map by reference on SSL accept (DEFECT) [ISLCONFPROXY-3461] More
Description
In previous versions ciphers global map was passed by copy, which could impact performance. This was redesigned and ciphers are now passed by reference.
The defect was fixed.
ISL Conference Proxy - Core - Periodic task "tlsext_ticket_refresh_task" should not be protected with static watchdog because task is rescheduled on changed setting (DEFECT) [ISLCONFPROXY-3466] More
Description
In previous versions periodic task "tlsext_ticket_refresh_task" was protected with watchdog that checks if task ever stops executing, which triggered alert logs on change of setting "TLS ticket refresh interval in seconds". This was redesigned and "tlsext_ticket_refresh_task" is no longer protected with static watchdog, because it is expected that task is stopped and rescheduled with new interval on change of setting .
The defect was fixed.
ISL Conference Proxy - Core - Translate hardcoded password history errors (DEFECT) [ISLCONFPROXY-3476] More
Description
In previous versions following strings were untranslated: "Password changed too recently. Please wait before changing your password again." and "Password used recently. Please use a different password.". This was redesigned, missing translations were added and should now be correctly translated.
The defect was fixed.
ISL Conference Proxy - ISL AlwaysOn - Disable delete trigger on domain, user, group and computer tables to delete ISL AlwaysOn connection (DEFECT) [ISLCONFPROXY-3491] More
Description
In previous versions ISL AlwaysOn connections were removed on DB change event, which could create broken state, where some connections would be missing. This was redesigned, delete trigger was disabled and issue should not happen anymore.
The defect was fixed.