14.0.16

<< Click to Display Table of Contents >>

Navigation:  Version History >

14.0.16

New property ServerController.SecurityOptions:

 

CheckSameIP: Will raise an EIWSecurityException if a different IP is used in a subsequent request using the same Session ID. Default True.

 

CheckSameUA: Will raise an EIWSecurityException if a different user agent string is used in a subsequent request using the same Session ID. Default True.

 

ShowSecurityErrorDetails: If false, will omit the error message when one of the above checks fails. Default True.

 

New property ServerController.SSLOptions.CipherList: Using this property you can specify a list of ciphers to used by SA applications (Indy) when using SSL. Read more here. When this property is empty, it will use the value of THTTPServerIndy.DefaultCipherList (class property – public). The default value is ‘RC4+SHA1+RSA’, i.e. IntraWeb SA applications are secure against BEAST attack without any special configuration, when using SSL.

 

Modification to IWAppCache.AddFileToCache(): Now it allows developers to add an existing file outside the CacheDir folder to the cache. The original file is copied to the CacheDir and the URL to this file is returned. The copied file always has .tmp extension. If the same file is added more than once to the cache, it is not copied again, and the result is an empty string.

 

Modifications to TIWCustomEdit, TIWCustomCheckBox, TIWCustomRadioGroup, TIWCustomRadioButton rendering. Now these controls (and descendants) should have a perfect size/alignment in different browsers.

 

WebApplication.TerminateAndRedirect() does not use an exception for flow control anymore.

 

“Expires” and “Date” HTTP header fields are now included in responses with code 304 as required by HTTP/1.1 spec.

 

Bug fix: Chrome and some versions of IE requires Cache-control header field to be present in responses with code 200 to properly load static resources (JavaScript, CSS, Images, etc.) from browser cache. In this version we added a default header field “Cache-control: private” in all cached responses with HTTP code 200. Default cache control may be changed using the class property THttpReply.DefaultCacheControl (type string, unit IW.HTTP.Reply.pas). Possible values are “public” and “private”.

 

Bug fix: If session was terminated during its startup the message was not shown to the user

 

Bug fix: removing path received when a file is uploaded using IWFileUploader.

 

Bug fix: In TContentHandlers, if some handler was registered using a path like “/mypath/mysubpath1/mysubpath2/”, it would not respond for sub-paths like “/mypath/mysubpath1/”.

 

Bug fix: Under some circumstances a post request could trigger an “cannot find submit component” error

 

Bug fix: IWDBCheckBox and IWDBRadioGroup didn’t update DataField values

 

Bug fix: under some rare circumstances, TIWContainerContext.Destroy could raise an access violation error

 

Bug fix: IWImageFile with OnClick event handler, if disabled using an Async call, would not trigger OnClick() again after being enabled.

 

Bug fix: Under some circumstances, changing the text/value of other visual controls inside IWRadioGroup or IWCheckBox OnClick event handler would cause the control to render an old/outdated text/value.

 

Bug fix: IWCheckBox didn’t trigger OnChange() event if no OnClick() event was assigned.