What’s New
- RAD Studio/Delphi 11 Update 1 support
- New property ServerController.CookieOptions.RunCookieCheck (default True). When set and the application requires cookies, IW will emit code to detect browser’s cookie support (i.e. if cookies are enabled). If cookies are disabled, a message will be displayed and the application loading will abort. The default message can be configured via RSCookieCheckMessage variable in IWResourceStrings.pas.
Bug fixes
- THttpRequest.HasField() must also check query fields
- In TIWHTTPClient class, use Content-Type as provided in CustomHeaders, if present
Modified
- LogSessionEvents property moved to ServerController.SessionOptions.LogSessionEvents.
- LogSessionEvents property now allows finer granularity of events that are logged (etCreate, etDestroy, etRequest)
- IW will block the creation of a new session (responding with 404 status code) when it receives an XMLHttpRequests other than the ones originated from IntraWeb’s own JavaScript.
- Extension “.alfa” included in ServerController’s BlockedDocExtensions property. This blocks some common scripts used in exploit attacks.