• 14.2.12 Version History (7/12/2019)


    Bug fix

    • Fixes an issue which causes IW application to fail when certain AV extensions are installed in browsers (e.g. Kaspersky AV)

    This version is binary compatible with previous IW 14.2.10+

  • 14.2.10 Version History (1/15/2019)


    • Includes Delphi 10.3 Rio support
    • Fixes Bundled licenses registration which could fail in previous version (14.2.9)
    • Free update for Registered RAD Studio/Delphi 10.3 Users, including Community Edition

    This version is based on 14.2.8 code base.

  • 14.2.9 Version History (12/12/2018)


    • Includes Delphi 10.3 Rio support
    • Free update for Registered RAD Studio/Delphi 10.3 Users, including Community Edition

    This version is based on 14.2.8 code base.

  • 14.2.8 Version History (6/3/2018)

    Bug Fixes

    • ISAPI applications would fail to create valid error responses (status code 500) when parsing invalid header fields (e.g. invalid cookie fields)


    • ISAPI applications now allow redirection from HTTP to HTTPS. It is much easier to do that from IntraWeb than from IIS or other server. Requires:
      – ServerController.SSLOptions.NonSSLRequest = nsRedirect
      – ServerController.ProxyPortRedirection.Active
      – ServerController.ProxyPortRedirection.HttpsPort > 0


    • Invalid characters in URL exceptions now show the offending URL in error message

    This version is binary compatible with version 14.2.x. Third party dependent libraries (e.g. TMS, CG Tools, IWBootstrap), don’t need to be recompiled.

  • 14.2.7 Version History (2/22/2018)

    Bug Fixes

    • Allow grids to use % CSS unit for width and height of the cell
    • Under very rare circumstances an AV could happen when creating and destroying containers (IWRegions and descendants) at runtime (Thanks to TeamZed member Pete d’Oronzio for isolating this rare case and proposing a fix).


    • New: Protection against arbitrary methods on server (Only GET and POST are accepted by default)
    • This version sets TIWServerControllerBase.DisableFixupPatch to TRUE by default, meaning that the modifications for Delphi’s fix up mechanism are disabled by default. We have found a few side effects in some applications and we decided to disable this patch until these cases are fully resolved.

    This version is binary compatible with version 14.2.x. Third party dependent libraries (e.g. TMS, CG Tools, IWBootstrap), don’t need to be recompiled.

  • 14.2.6 (1/4/2018)

    Bug Fixes

    • Fixed validation of some new licenses
    • Fixed IWTreeView rendering for RTL languages
    • Fixed deletion of some temporary cache files after Async responses containing lots of data (> 32 kb)


    • IWGrids won’t render border if StyleRenderOptions.RenderBorder = False
    • If application log file can’t be created (e.g. read only folder), Windows Event log will be used instead

    This version is binary compatible with version 14.2.x. Third party dependent libraries (e.g. TMS, CG Tools, IWBootstrap), don’t need to be recompiled.

  • 14.2.5 (11/20/2017)

    Bug Fixes

    • Fixes different issues when registering Delphi and C++ Builder license keys
    • ISAPI only: Depending on allowPathInfo setting, IIS can include SCRIPT_NAME in PATH_INFO information making ISAPI applications to fail.
    • Possible AV in IWStringReplace() call


    • Improved logic to handle temporary file deletion when session terminates.

    This version is binary compatible with version 14.2.x. Third party dependent libraries (e.g. TMS, CG Tools, IWBootstrap), don’t need to be recompiled.

  • 14.2.4 (11/12/2017)

    Bug Fixes

    • AV when sorting controls list in Delphi 2009-XE
    • AJAX (Async) requests could fail to restart expired sessions when RestartExpiredSessions = True
    • ContentHandlers execution could fail when starting a new session and RequireSessionStart = True
    • FireFox Developer edition installation detection. When FF Developer Edition is installed, IW GUI Stand Alone Server will use it preferably (executed from menu/button bar)

    This version is binary compatible with version 14.2.x. Third party dependent libraries (e.g. TMS, CG Tools, IWBootstrap), don’t need to be recompiled.

  • 14.2.3 (10/11/2017)

    Bug Fixes

    • Fixes relative order of aligned controls in IWForms

    This version is binary compatible with version 14.2.x. Third party dependent libraries (e.g. TMS, CG Tools, IWBootstrap), don’t need to be recompiled.

  • 14.2.2 (10/10/2017)

    Bug Fixes

    • Fixed malformed html on application initialization. This could cause startup failure of IW application in some browsers
    • Fixed different issues in OnResize and OnAsyncResize events. Enhanced handling of resize events when browser is continuously resized (i.e. user drags browser window border continuously)

    This version is binary compatible with version 14.2.x. Third party dependent libraries (e.g. TMS, CG Tools, IWBootstrap), don’t need to be recompiled.

  • 14.2.1 (9/7/2017)

    Bug Fixes

    • Exception when executing Async events. It only affects Delphi XE, 2010 and 2009.


    • A few performance improvements when reading request streams
    • Minor fixes

    This version is binary compatible with version 14.2.0. Third party dependent libraries (e.g. TMS, CG Tools, IWBootstrap), don’t need to be recompiled.

  • 14.2.0 (8/29/2017)


    • New Debug visualizers for THttpRequest and other IntraWeb internal classes (Delphi 2010 and up)
    • New 404 error page. It has the same layout of other IntraWeb standard error pages and can be customized (or replaced) the same way.
    • New event IWForm.OnAsyncResize. Allows resize notification just like standard OnResize, however it also allows users to respond to the browser resize through Ajax, like any other async request.
    • New security features:
      • ServerController.SecurityOptions.PreventDoubleSubmission which prevents a double post, i.e. POST request caused by browser refresh after a previous post request. IntraWeb will identify a browser refresh after a POST and disables the double submission (Cookies are required).
      • Method interchange prevention, prevents that parameters sent through URI query string are processed as a POST request.
    • New ServerController.OnBeforeNewSession event. This event is triggered just before creating a new session. Users can abort the session creation using it. A standard 404 page will be returned when session creation is aborted.
    • New property ServerController.HTMLLanguage. New property TIWApplication.Language (default = ServerController.HTMLLanguage). Different sessions can get diferent Language values. If not specified, English (“en”) is used
    • New unit IWClassesFix.pas changes the way Delphi’s fixup resolution works. New IntraWeb fixup resolution is done on a per-thread basis. The new fixup resolution (enabled by default) can be disabled using a new class property DisableFixupPatch in TIWServerController (public, not published thus not visible in Object Inspector). We strongly recommend that this should be enabled in every IntraWeb application.

    Bug Fixes

    • Cookies expires field could be wrongly set when using ASPX modules (update ASPX binaries only)
    • IWDBGrid.RollOver doesn’t work as expected
    • TIWButton would not render correct height on MacOS/Safari
    • IntraWeb Stand Alone server could fail to detect Firefox
    • Async key press event would fail to report some special keys like ESCAPE


    • TIWApplication.Terminate(const aMsg: string) can receive a complete HTML text as parameter.
    • Templates allow usage of wildcards (* and ?) in component names. Example: {%IWCheckBox*%} will insert all controls which name start with “IWCheckBox“, found when the template is processed. This includes “IWCheckBox1“, “IWCheckBox2“, “IWCheckBoxABCD“. This makes easy for users to include components created at runtime.
    • Classes.GlobalNameSpace lock used in RTL (based on slow and possibly buggy TMultiReadExclusiveWriteSynchronizer) was replaced by a faster and more reliable lock based on TCriticalSection.
    • All locks based on TMultiReadExclusiveWriteSynchronizer or TMonitor were replaced by more reliable versions based on TCriticalSection.
    • Custom IW data containers replace TList, TObjectList and TStringList in several places within IntraWeb code. TList is deprecated in Delphi 10.2. The generic version TList<T> is slow and consumes lots of memory. The new custom classes use less memory and are much faster.
    • New version of ASPX binaries. If you are using ASPX deployment, replace the old binaries.
    • IntraWeb Setup allows user to run IW Bundled Removal tool when setup is complete.
    • Dozens of other small fixes and improvements.

    This version is not binary compatible with previous version. Third party dependent libraries (e.g. TMS, CG Tools, IWBootstrap), need to be recompiled from sources.


  • 14.1.14 (5/11/2017)

    Bug Fixes

    • Fixes a possible Access Violation in IWTabControl when receiving invalid page index at runtime
    • Fixes issues validating Bundled licenses under Delphi 10.1 Berlin (Update 2) and Delphi 10.2 Tokyo. This only affects BUNDLED licenses.

    This version is binary compatible with previous version. Third party dependent libraries (e.g. TMS, CG Tools, IWBootstrap), don’t need to be recompiled.

  • 14.1.13 (4/28/2017)

    Bug Fixes

    • Fixes cache file handling in some special circumstances. This also fixes some cases where WebApplicaiton.SendFile() would fail when used with Async events
    • Under some very specific cases IntraWeb design time package could fail do identify Delphi 10.2 Tokyo installation (exact version and edition). This only affects BUNDLED licenses.

    This version is binary compatible with previous version. Third party dependent libraries (e.g. TMS, CG Tools, IWBootstrap), don’t need to be recompiled.

  • 14.1.12 (4/23/2017)

    Bug Fixes

    • IntraWeb design time package could fail to load in Delphi 2009-XE5 with error “EReadError in module rtlxxx.bpl at xxxxx. Error reading RechEdit1.Zoom: Property Zoom does not exist.”

    This version is binary compatible with previous version. Third party dependent libraries (e.g. TMS, CG Tools, IWBootstrap), don’t need to be recompiled.

  • 14.1.11 (4/18/2017)

    Bug Fixes

    • IntraWeb design time package could fail to identify Delphi 10.2 Tokyo IDE in certain installations. If you are using a previous IDE or previous version is working correctly you don’t need this update.

    This version is binary compatible with previous version. Third party dependent libraries (e.g. TMS, CG Tools, IWBootstrap), don’t need to be recompiled.

  • 14.1.10 (4/12/2017)

    Bug Fixes

    • Registration for Delphi 10.2 Tokyo could fail under certain circumstances
    • TIWBorderOptions fixed style rendering (missing semicolon)
    • Trim() is used in ServerController.OnRewriteURL event to prevent blank spaces in URL base.

    Known Issues

    • Due to a C++ Builder 10.2 64-bit bug, IntraWeb won’t work correctly when compiled as a C++ Builder 64 bit application (Delphi applications work correctly, though). If you are a C++ Builder 10.2 user, please vote for this bug: https://quality.embarcadero.com/browse/RSP-17722
    • If you are installing the first time on Delphi/C++Builder 10.2 Tokyo, please run IntraWeb Bundled Removal Tool (which is also installed in the \Tools sub folder). This is absolutely required!

    This version is not binary compatible with previous version. If you have 3rd party dependent libraries (e.g. TMS, CG Tools, IWBootstrap), you must recompile these libraries from the source code.

  • 14.1.9 (4/4/2017)


    • Delphi 10.2 Tokyo support Delphi and C++, Win32 and Win64
    • ServerController.SecurityOptions.RandomTempFileNames property (Boolean). If true (default) temp and cache files will use true random file names (generated from a GUID)
    • Cache files can be created with extension

    Bug Fixes

    • TIWCustomRadioButton.SetChecked() must uncheck other radio buttons in same group when checked = True
    • Fix rendering of HTML tag attributes mainly in IWGrid
    • Under some very rare circumstances, ISAPI could fail to receive complete request from IIS


    • MakeTempFile moved to IW.Common.System.pas
    • Lots of refactorings, small fixes and improvements

    Known Issues

    • Due to a C++ Builder 10.2 64-bit bug, IntraWeb won’t work correctly when compiled as a C++ Builder 64 bit application (Delphi applications work correctly, though). If you are a C++ Builder 10.2 user, please vote for this bug: https://quality.embarcadero.com/browse/RSP-17722
    • If you are installing the first time on Delphi/C++Builder 10.2 Tokyo, please run IntraWeb Bundled Removal Tool (which is also installed in the \Tools sub folder). This is absolutely required!

    This version is not binary compatible with previous version. If you have 3rd party dependent libraries (e.g. TMS, CG Tools, IWBootstrap), you must recompile these libraries from the source code.

  • 14.1.8 (3/20/2017)

    Bug Fixes

    • Multiple frames created at runtime parented by IWRegions would render in incorrect order
    • TIWTabPage (pages of TIWTabControl component) render border correctly, according to BorderOptions settings
    • Fixes JavaScript name conflicts with Google maps API
    • TIWMarkupLanguageTag.RenderElement() should render attributes with blank or empty values. Empty attributes added to BODY tag in templates should render correctly.
    • IDE – Update check form: Under certain circumstances clicking on the version update link could cause IDE to crash
    • C++ Builder x64 Library Path on Delphi 10.1 Berlin wrongly updated by IW Setup program

    This version is binary compatible with previous version

  • 14.1.7 (3/5/2017)

    Bug Fixes

    • IWTabControl.RenderInvisibleControls = False, a JavaScript error can occur if one of tab pages invisible
    • Double slash in progress indicator url could cause page load to fail
    • IW JavaScript could present errors while processing Ajax responses in pages containing Google maps API JS


    • Version checker runs in a thread so won’t affect IDE loading times
    • WOFF2 and EOT fonts added to MimeTypes
    • IWLink cursor set to default when disabled
    • Restored IWLink old font rendering behavior (text without underline is rendered as expected)
    • TIWApplication.GetHost() logic now handles HTTPS reverse proxy servers

    This version is binary compatible with previous version

  • 14.1.6 (2/8/2017)

    Bug Fixes

    • IWComboBox, IWListBox and descendants would fail if ItemsHaveValues=True and value contains space or other special chars
    • OnRewriteURL event would not set URLBase as expected, causing it to fail when running with reverse proxy servers
    • Fix issues caused by wrong URLs generated when IW application runs behind a (reverse) proxy server, using different ports for HTTP and HTTPS. Also fixes issues when switching from HTTP to HTTPS and vice-versa
    • Fix IE 7/8 JavaScript incompatibility


    • IWTabControl: Improved rendering. Removed ugly flick when rendering tabs for the first time
  • 14.1.5 (1/26/2017)

    Bug Fixes

    • Bug fix: Fix for Stack Overflow caused by recursive calls of IWContainer.ForceAlign
    • Bug fix: TIWGradButton font could be rendered twice. It does not cause any issues, but increase HTML size.
    • Bug fix: Start handlers behaviour has been restored (same of 14.0.63)


    • IWTabControl much improved and mostly redesigned. Changes should not break existing applications
    • Modified: IWComboBox won’t reset ItemIndex to -1 when clearing/filling item list.
    • Modified: TIWContainer.RenderComponents() now renders invisible TFrames when RenderInvisibleControls is True
    • Modified (rendering):
      • IWFont does not render text-decoration attribute unless necessary (text-decoration is not inherited in CSS so “none” – the default value – does not need to be rendered)
      • TIWImage renders border style inside its internal style sheet, not inlined
      • border-style and border-color attributes are only rendered when necessary (i.e. border-width > 0)
      • TIWContainer won’t render “padding” attibute when StyleRenderOptions.RenderPadding is False
      • TIWBorderOptions now uses CSS shorthand when rendering border style

  • 14.1.4 (12/22/2016)

    New Property

    • RawText in TIWRadioButton and TIWRadioGroup classes
    • PageRenderOptions in TIWForm.
    • RenderMargins: When True IWForm will render style with “Margin: 0”. Disable it when using templates which set body margin to a different value

    New Unit

    • IW.Server.Logger which contains TIWRequestLogger class. This class, when active, is able to log all ISAPI application requests (headers, fields, cookies, content, etc.)

    Bug Fix

    • Changing IWComboBox items during async event using the new OPTGROUP option could fail
    • IWGradButton renders font style even when StyleRenderOptions.RenderFont is false
    • IWDBGrids header cells won’t use template styles
    • AlignWithMargins would generate incorrect sizes of elements when using contiguous controls
  • 14.1.3 (12/5/2016)

    Bug Fix

    • IWFileUploader could truncate small uploaded files (<8kb)
    • PreHeader and ExtraHeader could be wrongly rendered in certain circumstances, when used in component context
  • 14.1.2 (11/30/2016)

    Bug Fix

    • regression bug in TIWFileUploader.SaveToStream() method.
  • 14.1.1 (11/28/2016)


  • 14.1.0 (11/22/2016)
    • IntraWeb controls use less memory and perform better than previous versions. Major refactoring of base classes and controls, using improved data structures which use less memory and have better performance when compared to standard Delphi data structures (mainly TStringList).
    • New: class TBufferedHandleStream which drastically improves stream write and read performance. TempFileStream now descends from TBufferedHandleStream. New class TIWFileStream, descends from TBufferedHandleStream
    • New: TIWExceptionCallback allows 3rd party exception tracers/loggers (e.g. EurekaLog) to integrate with IntraWeb using a pre-defined, dedicated interface.
    • New: TIWControl and TIWRegion now render margins when AlignWithMargins = True
    • New: IWComboBox now allows grouping of related options in the list, using OPTGROUP tag. Each group in the list must start with the plus sign char (+), e.g. “+Group 1”..
    • New: New basic data structures (list and dictionary classes) are used instead of TStringLists, in several internal classes. Less memory usage and more performance.
    • New: ServerController.OnRewriteURL event lets you specify Reverse proxy or RewriteURL parameter using events
    • New: IWModalWindow: Button close action can be skipped using “|NoClose”
    • New: TIWLayoutMgrForm, TIWLayoutMgrHTML and TIWTemplateProcessorHTML have a new published property StyleAttributesToRemove (TStringList). Each style attribute in the StyleAttriutesToRemove list will be removed when rendering controls in a form using templates
    • New: IWMonitor property jsCallbackName. This parameter is optional. When set, IWMonitor will call this JavaScript function each time it queries the status value from IW server. This function should be provided by user (JavaScript function).
    • New method CenterInParent() available in TIWCustomControl and TIWBaseContainer (TIWRegion and descendants). Centers a control within its parent’s client area
    • New property CustomLockerAnimationFile (an animated gif file name), which allows you to customize the IWLocker image. A new (slightly bigger) locker is default. Many free sample lockers can be found inside \Images\LoadingGif subfolder
    • New properties:
      • TIWBaseForm.IsFirstRequest
      • TIWBaseForm.IsPostBack and TIWApplication.IsPostBack
      • TIWApplication.IsFormFirstRequest
    • Bug fix: Frame name validation wrongly raises an exception when 2 existing frames descend from the same parent frame (check the new “Frame Inheritance” demo project in our demo repository)
    • Bug fix: Aligned invisible controls (e.g. IWRegion with Visible=True, Align=alBottom) would still be considered when aligning other controls. This caused other controls to be wrongly aligned, as the invisible control was actually visible.
    • Bug fix: TIWDBLookupComboBox and TIWDBLookupListBox could show NonSelectionText property instead of actual selected item text after sync event
    • Bug fix: possible issue with multiple threads uploading files (FFileList)
    • Bug fix: WebApplication methods SwitchToSecure/SwitchToNonSecure (HTTPS <-> HTTP) could fail
    • Bug fix: Under very rare circumstances, some temporary files could remain until application termination
    • Bug fix: TIWDBGrid rendering issues when a control is assigned to a cell. Refreshing the Grid in Edit mode should not raise excepion
    • Modified: IWLists.pas has been renamed to IW.Common.Lists.pas
    • Modified: Faster SA Server with an Indy intercept class customization
    • Modified: IW Version check form is non modal, so IDE continues loading while the form is visible
    • Modified: TIWCompressionOptions.MinSize is now 512 bytes (instead of 1024)
    • Modified: “attr” tag is used instead of “attribute” in XML node (async response). This reduces the size of XML response, in average, 100+ bytes per object modified in an AJAX request.
    • Modified: TIWResyncInfo record (used when detecting sync issues/BackButton events) has 2 new members: FormOutOfSync and TrackIdOutOfSync.
    • IWBundledRemovalTool is now part of IntraWeb installation. It can be found inside folder \Tools\BundledRemoval
    • Dozens of other small improvements and fixes


  • 14.0.63 and before (7/30/2016)

    History for these versions was imported from our old web site. Some older links may be broken or refer to content that no longer exists.


    • Bug fix: ISAPI Basic Authentication was not working properly. “Authentication Failed” message was returned before user authentication occurs.
    • Bug fix: Delphi 10.1 Berlin PRO IDE package could fail to validate bundled license
    • Modified: Improved resolution of callback method names. Custom callback (Async) functions can be registered using a DOT, providing fully qualified method names (e.g. “IWForm1.MyCallback”). This modification should not affect existing code.
    • Modified: ServerController.RewriteURL can also be used in Stand Alone applications (makes easy to integrate with Reverse Proxy servers, e.g. Abyss Web Server)
    • This version is binary compatible with 14.0.53+


    • Bug fix: On x64 TIWServerInternalFiles.GetResourceStream() could fail
    • Bug fix: TIWApplication.TerminanteAndRedirect() method would fail if called from within a content handler’s Execute() method
    • Bug fix: Do not trigger ServerController.OnNewSession event when session is terminated during OnBrowserCheck event. Session termination should work as expected.
    • Modified: TIWApplication.Terminate method (the overloaded version without string parameter) will return a 404 code when no content is provided by the user
    • Modified: TIWApplication.Browser internal instance is now destroyed after application forms (avoid issues if WebApplication.Browser is referenced during form destruction)
    • Small performance improvements
    • This version is binary compatible with 14.0.53+


    • Bug fix: In some circumstances (mainly using a proxy/load balancer server) link files could be rendered with wrong URL (AddLinkFile)
    • Bug fix: ASPX Library could fail with 3rd party controls (CG Tools)
    • Improved Delphi IDE Edition detection. This fixes many installation problems, mainly on Delphi 10 Seattle and 10.1 Berlin
    • Bug fix: New C++ ISAPI created using IntraWeb Application Wizard would contain wrong #include file list among other issues.
    • This version is binary compatible with 14.0.53+


    • Bug fix: Setting Enabled and Visible properties of TIWComboBox control and descendants during async evens would fail
    • Bug fix: Changing the Items list of a TIWComboBox control and descendants could make ItemIndex property invalid
    • This version is binary compatible with 14.0.53+


    • Bug fix: IWDBComboBox: Clearing the underlying DataField during async event wouldn’t update the control text
    • Bug fix: IWComboBox and descendant classes would fail to render in Async if NoSelectionText contained some XML special char (<, &, >, ” and ‘)
    • Bug fix: TIWSlimReaderWriter could fail when compiled as x64
    • Bug fix: EAbort should be silent when raised during form execution
    • Modified: IWJclDebug now ignores all EIdSilentException (e.g. EIdConnClosedGracefully) and EAbort exceptions
    • This version is binary compatible with 14.0.53+


    • Setup fix: IntraWeb setup program failed to update some files.
    • This version is binary compatible with 14.0.53+


    • Bug fix: ISAPI ThreadPool should disable itself under Apache (or other web server which does not support the asynchronous I/O used by the thread pool, like Abyss)
    • Bug fix: ISAPI application could fail during start up when compiled as x64 (didn’t affect x86)
    • Bug fix: Redirection to HTTPS was not working properly when using content handlers
    • Bug fix: Content Handlers discovery could fail when query string was not empty
    • Bug fix: Content handlers execution when starting a new session could fail
    • Modified: MappedURL should not be cleared unless when changing active form
    • Improvements in TIWTemplateProcessorHTML performance
    • Other small changes and fixes
    • This version is binary compatible with 14.0.53+


    • This version is binary compatible with 14.0.53+. It fixes the following bug(s):
    • Bug fix: Unicode chars in content fields were not handled correctly (ISAPI only).
    • Bug fix: Content fields bigger than 64Kb would be truncated  (ISAPI only).
    • Bug fix: IWComboBox/IWListBox would present wrong selected items after populating the list in Async event handlers.
    • Small improvements in ISAPI code. Less AnsiString <-> String conversions.


    • This version is binary compatible with 14.0.53 and 14.0.54. It fixes the following bug(s):
    • Bug fix: Content-type header field was missing when serving really small files which were sent inline (not using temp files). Some browsers won’t handle the file correctly without the Content-type header field. This issue affects ISAPI projects only.


    • This version is binary compatible with 14.0.53. It fixes the following bug(s):
    • Bug fix: Under specific circumstances, AJAX call could fail to execute. It was confirmed in XE6 only, but it might affect all other IDEs.


    • New: Delphi 10.1 Berlin support, both Delphi and C++ Builder, x32 and x64. Before installing it in Delphi 10.1 Berlin, please remove the bundled version, following these instructions (download an run the updated IW Bundled Removal Tool, which supports Delphi 10.1 Berlin).
    • New: Support for OpenSSL version 1.0.2g and later in stand alone servers (updated Indy Open SSL units)
    • New property ServerController.PostRedirectGet, which implements a Post/Redirect/Get pattern in post requests
    • New: properties FriendlyName, CloseButtonVisible and CloseOnEscKey added to IWModalWindow.
    • New: ISAPI implementation was rewritten (new unit IW.ISAPI.Extension.pas). The new implementation is much faster and is not based on WebBroker. New TIWISAPIThreadPool class (new unit IW.Isapi.ThreadPool.pas) which replaces the Delphi built-in TISAPIThreadPool. Read more about it here.
    • New constant RSAuthFailedMessage which allows you to modify the “Authentication failed” default message string.
    • New IWForm events OnRefreshForm and OnGenerateForm. OnRefreshForm event is triggered in a response to a GET request, when the form is rendered again due to a browse refresh, back button click or redirection (e.g. 302 or 307 responses)
    • Bug fix: When IWModalWindow was visible, focusable elements beneath overlay div could be focused using tab key.
    • Modified: ESC key now closes IWModalWindow (the same as close button “x” at the top right was pressed)
    • Modified: IWModalWindow resets tabIndex property of all focusable elements (keeping relative order), making navigation using tab key more user friendly
    • Bug fix: IWModalWindow.RenderStyle property now works correctly.
    • Bug fix: IWLabel: NoWrap works as expected when StyleRenderOptions.RenderSize = False (AutoSize = True). Text is now truncated, which is the expected behavior. IWLabel does not render non-standard tag anymore.
    • Bug fix: Setting IWComboBox and IWListBox ItemIndex property at runtime during an Async event might not work as expected
    • Bug fix: a bug introduced in IW 14.0.51 broke IWBackIntercept normal behaviour
    • Modified: TFrame alignment works as expected when created at runtime.
    • Bug fix: ResetSessionId wasn’t working as expected when AllowMultiSessionPerUser was true.
    • Bug fix: Correct TrackID handling when used in Ajax requests, i.e., an Ajax request increments TrackID as it should
    • Modified: Session log updated to support reset session ID event. Stream version updated. Log files created with this version need newest log file viewer application.
    • Extended: LogSessionEvent now correctly logs Callback (AJAX) request parameters. Requires new version of Log viewer application.
    • Bug fix: Included Indy fix for HTTP 411 error on GET request from iOS 8 Safari
    • TIWResyncInfo record used in OnBackButton event now also contains the session object (Session: TIWApplication). Few issues regarding OnBackButton were fixed.
    • Many other small fixes and improvements.


    • Bug fix: In TIWFileUploader, when selecting multiple files, event OnAsyncSelectFile parameters only contain the first file name. This issue affects all browses, except Internet Explorer.
    • Bug fix: In MS Edge, gradients (TIWGradButton) didn’t show correctly
    • Bug fix: Under very rare circumstances a exception ‘aBytes is not large enough to hold stream’ could be raised when committing the reply
    • Bug fix: Do not trigger IWForm.OnShow event handler when destroying the Session
    • This version is binary compatible with version 14.0.48 and later


    • Bug fix: Fixes gSessions.LockList/UnLockList error when used from another thread.
    • Bug fix: Fixes “Bad Request” errors in Internet Explorer 11 and MS Edge browsers when handling OnAsyncKeyDown/Up events and keys like Shift or Backspace were pressed.
    • Improved: Serving static files (css, javascript, images, etc.) from ISAPI.DLL
    • Small fixes in IntraWeb setup program
    • New version of optional CrossTalk package
    • This version is binary compatible with version 14.0.48, 14.0.49 and 14.0.50, so you don’t need to update other dependant packages (CG Dev Tools, TMS, IW Bootstrap)


    • Bug fix: an access violation could occur when rendering template-based forms where controls are referenced using dotted notation, like
    • Due to refactorings in the template handling logic, this version performs significantly better than versions 14.0.47 and prior, when processing template-based forms.
    • Modified: IntraWeb setup program now installs all design time packages (one dclIntraWeb_14_xx.bpl file for each Delphi IDE) under the same folder named “bin” under IntraWeb’s main installation folder. This makes things easier and more manageable. Also, no files are installed under Delphi’s own bin folder.
    • This version is binary compatible with version 14.0.48 and 14.0.49, so you don’t need to update other dependant packages (CG Dev Tools, TMS, IW Bootstrap)


    • Bug fix: Unicode chars in file name could cause IWFileUploader to raise exception “No mapping for the Unicode character exists in the target multi-byte code page” when OnAsync events are assigned. This error only occurs in Internet Explorer 10 and 11
    • Bug fix: When calling gSessions.UnlockList() method, an exception with message “The session does not hold a lock in session list” could be raised.
    • This version is binary compatible with version 14.0.48, so you don’t need to update other dependant packages (CG Dev Tools, TMS, IW Bootstrap)


    • Improved TIWContainerContext. Drastically improved page rendering speeds, specially when rendering a page with several controls (hundreds or more). Reduced memory usage. This affects all controls descending from TIWContainer, like IWRegions and several CG Dev Tools controls
    • TIWCustomListbox and TIWCustomComboBox refactored. Async response does not recreate items if list hasn’t changed. This drastically improves performance when items list contains a huge number of items.
    • Workaround for Delphi 2009 TFileStream bug: TTempFileStream now descends from THandleStream and correctly respects share mode
    • Modified: User configurable PacketBufferSize, via THttpPacket.PacketBufferSize class property.
    • Bug fix: New version of ASPX redistributable binaries, fixes server error 500 when refresing a page
    • Bug fix: Under certain circumstances a browser without cookie support would cause an infinite request loop
    • Bug fix: Fixed cookie support exception
    • Bug fix: SRW Lock improved detection on Windows Vista
    • Bug fix: IntraWeb’s JavaScript libraries: FindElem() replaced by document.getElementById() calls in order to avoid problems with CG Dev Tools libs
    • Bug fix: revert IWCheckBox state in case confirmation question is used and user cancels it
    • Bug fix: Under very rares circumstances a memory leak could occur when destroying the IWApplication instance
    • Modified: In TIWMenu, HideComboBoxes is not used anymore. This only makes sense in IE 6 and below
    • Refactored TIWSessions (gSessions instance). TIWSessions.LockList now has a parameter named AWriteAccess (boolean). When true, the list will be locked with a write lock, otherwise a shared (read) lock will be used. Only use the write lock if absolutely required, once it has influence over IWApplication locking mechanism. TIWSessions.UnlockList now has a parameter named AList (type TList). The list obtained as a result of LockList() method should always be used as a parameter.
    • Lots of other small improvements.


    • Bug fix: Registration of IntraWeb in Delphi 10 Seattle could fail. This problem could only be reproduced in Windows 10 machines, but may affect other versions of Windows as well.
    • Bug fix: IWForm’s OnDefaultAction event does not trigger
    • Bug fix: In Firefox and Chrome an Ajax execution could fail when the page has CSS from another domain
    • Bug fix: ExplicitStart() correctly terminates existing session
    • Bug fix: IWForm.JavaScriptOnce was not working properly.
    • Stability of design time package was greatly improved. Possible access violations or invalid pointer operation exceptions were eliminated.
    • Various improvements on session locking mechanism. Many exlusive locks were replaced by shared locks, meaning much better performance under heavy usage.
    • New in TIWFileUploader: New public methods: StartUpload(), SelectFile(), ClearList(). These methods can only be used in an Async request.
    • Modified: TSessionTimeoutThread only clear expired sessions list if ServerController.RestartExpiredSession = True. This means that there is no performance penalty when Session timeout thread executes and your application is not using the RestartExpiredSession feature.
    • Modified TIWCheckBox: Default cursor and removed inline style setting cursor
    • Modified TIWBrowser class: refactorings for improved detection of bots, search engines and other browsers
    • Modified: TIWContainer.RenderComponents() now use display CSS property when control has StyleRenderOptions.UseDisplay = True. This way, “display: none” is used instead of “visibility: hidden” when an invisible control is rendered, i.e. when its parent container has RenderInvisibleControls = True. When StyleRenderOptions.UseDisplay = False (the default value), the old behavior is preserved, i.e. “visibility: hidden” is used.
    • Modified: TIWControl.RenderAsyncCommonProperties now use display CSS property when control has StyleRenderOptions.UseDisplay = True
    • Modified: DesignMode property removed from TIWApplication instance. Use IsDesignMode instead.
    • Lots of other small improvements and fixes.


    • New Delphi/RAD Studio 10 Seattle support (including C++ x86/x64)
    • New MIME types compressed by default when using SA server (json, xml, xhtml)
    • New TIWApplication.ResetApplicationID() method, allows you to change the session ID after a user logon (experimental)
    • New ServerController.ProxyPortRedirection property. This property allows you to control the port used by IntraWeb server when creating responses that will redirect the browser to another address within the same domain/application. This should be used when the application is behind a proxy (or load balancer, etc.) that redirects received requests to your application, using another HTTP or HTTPS port.
    • Bug fix: an access violation could occur withing exception logger
    • Bug fix: issue with new notification dialogs when AllowMultipleSessionsPerUser = True
    • Bug fix: TWImageFile.ScriptEvents[‘onClick’] will trigger IW application’s OnClick even even returning false
    • Bug fix: Under very rare circumstances, FindSubmitElement could raise an exception “Cannot find submit component”
    • Massive code cleaning/formatting. Most unused units were removed from uses clause, from all units. This means shorter build times when using IW sources
    • Few other small bug fixes and improvements


    • New: WebApplication.ShowMessage(), ShowMessageEx(), ShowConfirm(), ShowPrompt(), ShowNotification() methods. These methods show new cross-browser, dynamic JavaScript dialogs. New demos are being prepared.
    • New property UseAjaxNotify in TIWServerControllerBase class. When True (default), WebApplication.ShowMessage will use the new JavaScript based dialogs instead of alert() when using WebApplication.ShowMessage(). Set it to false to restore the old behavior.
    • Bug fix: Fixes a JavaScript error in IWRadioButtons and IWCheckBoxes when using IE8 and 7
    • BugFix: Possible error during AJAX response processing in Firefox and Chrome if the document has style sheets hosted in other domain
    • Bug fix: ExecuteWebEditor() restored. This allows users to edit HTML pages using IntraWeb built-in HTML editor, using /$/iwedit command.
    • Improved error logging. Added Request information
    • New P3P property and DefaultP3P class var in THttpReply class. Although P3P is not developed/supported anymore, Internet Explorer browsers still need P3P header in order to work property under some circumstances. Read more about it here.
    • Microsoft Edge browser support


    • Bug fix: Possible AV when destroying an IWFrame containing a IWTemplateProcessorHTML component
    • Bug fix: TIWDBMemo Async events cause a line feed to be inserted
    • IWApplication.NewWindow() replaces path delimiters (\) with URL delimiters (/) to avoid runtime errors
    • Improved browser detection, specially older Chrome, newer Samsung mobile devices based on Android and Safari Mobile
    • Maximize icon on SA server main window
    • This version is binary compatible with previous versions 14.0.41/.42/.43
    • This version is compatible ith RAD Studio/Delphi XE8 and XE8 update 1


    • Bug fix: Fixed incompatibilities with Internet Explorer 7, 8 and 9 when updating hyphenated style properties (e.g. background-color, font-size, etc.)
    • Bug fix: if IWEdit.SubmitOnAsync is false, OnSubmit event does not fire
    • This version is binary compatible with previous versions 14.0.41 and 14.0.42
    • This version is compatible ith RAD Studio/Delphi XE8 and XE8 update 1


    • Bug fix: Under some circumstances IWStringReplace() could fail.
    • Installer fix: CrossTalk for RAD Studio XE8 install could fail
    • This version is binary compatible with previous verson 14.0.41


    • New: C++ Builder x64 support from XE3 to XE8
    • Bug fix: OnSubmit event didn’t fire
    • Bug fix: Under some circumstances (e.g. an IWButton with assigned OnClick event, and confirmation message), the event OnClick could be triggered twice after when the page was rendered a second time.
    • Modified: Few IW units using generics were refactored to remove generics dependency. Some 3rd party code had problems with some compilers in units using generics code.


    • Delphi / RAD Studio XE8 support
    • Bug fix: A JavaScript error caused IW applications to fail under IE7
    • Bug fix: Change that cause fail of JavaScript when using templates was rolled back
    • Bug fix: When using start parameters, IW_AjaxID parameter was added to the existing parameter list using ‘?’ as a separator, causing 2 question marks to appear in the url
    • Bug fix: Under very rare circumstances, the destruction of a IWForm/DataModule could cause an Access violation
    • Modified: If IWRegion.StyleRenderOptions.RenderBorder = False, no border style attribute is rendered. This is the correct, expected behaviour of this property. As a side effect, when a IWRegion is rendered with StyleRenderOptions.RenderBorder = True, setting it to false during an Async (AJAX) call won’t cause the border to be invisible again. In this case, the IWRegion.BorderOptions property should be used instead.


    • Fixed: Interface change broke TMS IntraWeb pack build.


    • New: QueryStatus request feature. New public property IWApplication.Status.
    • New component: TIWMonitor
    • New component: TIWModalWindow
    • New IWBaseForm.OnShow() event: this event is triggered every time that the form becomes the active form. This may happen when its Show() method is called, or when the current active form is destroyed (in this case, the last form in the form stack becomes visible).
    • New property RenderjQuery in TIWServerController.JavaScriptOptions. When FALSE, IntraWeb will not generate code (
    • New procedure ExecProcess (unit IWUtils). This procedure executes another process from within an IW application (mainly ISAPI DLLs). This is a recurrent question of IW users, so we decided to add it as an utility function:
      • procedure ExecProcess(const ACommandLine, AParams: string);
    • New overloaded method TIWAppCache.NewCacheStream() receive the FileName as parameter.
    • New overloaded TerminateAndRedirect() method has a second parameter aPrependBaseUrl. When true, will add the BaseURL to the URL parameter if the URL is not absolute.
    • New TIWImage.PreProcessImage property. When TRUE, the TGraphic internal instance is released AFTER the image is saved to a cache file, when the image (form) loads. This greatly reduces the memory comsumption of applications with lots of TIWImage controls. The default is FALSE.
    • Improved: Size of generated HTML is being continuously reduced.
    • Improved detection of browsers. Fixed Chrome/Android Stock Browser/Opera Mini/Opera Mobile detection.
    • Improved: Many new options in TIWFileUploader.
    • Improved: KeepAlive request does not block the session (used when IWForm.KeepAlive property = true).
    • Improved: OnAsyncDoubleClick event added to TIWImage
    • Improved: New IWStringReplace() (x86/x64) and IWPos() functions (x64 only) much faster than original RTL functions. In IntraWeb applications these functions replace the standard RTL ones (via a memory patch technique) and even if your code uses the standard StringReplace() routine, the application will actually use the improved version. Once IntraWeb has a strong string manipulation nature, this greatly improves overall performance of the application, mainly x64 applications (standard x64 Pos() function is REALLY slow).
    • Improved: SendStream() and SendFile() now work in Async calls using cache (temp) files and redirection
    • Modified: Redirection when IW session is started now uses AJAX calls when possible, instead of a full postback.
    • Modified: TIWAppCache.AddFileToCache() function now returns the correct (original) Href value for a cache file, if the same file is added twice to the cache
    • Modified: All IntraWeb JavaScript files are rendered in the same place now, in the beginning of the HEAD tag.
    • Bug fix: Fixed session id parsing when application does not use cookies. This could cause some EInvalidSession exceptions when cookies are disabled.
    • Bug fix: Content Handlers could fail when cookies are disabled and ServerController.AllowMultipleSessionsPerUser = True.
    • Bug fix: Callback error messages check for suspicious text that could contain strings used to perform XSS attacks
    • Bug fix: Under very rare circumstances a 404 status code response could cause an “Reply type already set” exception.
    • Bug fix: IWRegion didn’t respect StyleRenderOptions.RenderBorder option
    • Bug fix: Async calls could fail when using a very old Firefox version (confirmed with Firefox version 10.5. May affect some newer versions as well)
    • Bug fix: Failing to define an application main form could cause an Access Violation in runtime
    • Bug fix: Controls with the same Tab Oder didn’t keep their creation order when rendering. We now use a stable sort algorithm (MergeSort) in order to sort controls and keep their creation order when rendering.
    • Bug fix: Modification of internal TFileStream share mode parameters, in order to avoid “Access Denied” errors when trying to read some files, e.g., uploaded files.
    • Old/unused code removed (both Pascal and JavaScript).
    • Lots of refactoring of IntraWeb JavaScript code
    • Lots of performance/memory optimizations.


    • New: IntraWeb design time package now checks for new IntraWeb versions and, when applicable, shows the information to the user during IDE startup.
    • Bug fix: IW application looses start parameters when started using HTTP and redirected to HTTPS
    • Bug fix: ServerController.AppName setter method is now correctly checking for valid component names
    • Bug fix: Fixed redirection failure during form OnCreate() event.
    • Workaround for WebBroker bug: Query parameters containing unicode chars would loose unicode when parsed.
    • Modifild: MakeDirectory() changed to prevent some weird failure of RTL’s DirectoryExists() function, causing the IW application to fail when trying to create cache directorires.
    • Modified: X-UA-Compatible being sent as a header field, instead of a HTML tag. This forces IE to use the IntraWeb’s application X-UA-Compatible setting, instead of browser setting.


    • New option to include JCL stack trace units in a new project (IntraWeb Project Wizard).
    • Bug fix: Fixed a critical bug that could freeze a thread when a file upload was interrupted
    • Bug fix: TIWGrid.UseFrame didn’t work as expected
    • Bug fix: Some controls could use a transparent font when rendering
    • Modified: Caption of the main window (Stand Alone Server) now uses ServerController.DisplayName property, if set.
    • Modified: Simplified and optimized code to handle uploaded files in ISAPI applications.
    • Other minor fixes and refactorings


    • Improved HTTPS security: IntraWeb SSL (HTTPS) applications now get a grade A on ssllabs.com tests, out of the box, including Forward Secrecy support. Latest version of OpenSSL binary files is required (at least version  1.0.1j). Older OpenSSL versions are supported as well, but SSLLabs test results may be compromised.
    • New property ServerController.SSLOptions.SSLVersions  (only affects HTTPS): This property allows you to use more than one SSL version on your IW application. When this property is set (not empty) it will be used and the property ServerController.SSLOptions.SSLVersion (without “s”) will be ignored. This property is deprecated but kept for compatibility reasons. The recommended setting for best browser compatibility/security is:
    ServerController.SSLOptions.SSLVersions = [TLSv1,TLSv11,TLSv12]
    • New property ServerController.SSLOptions.DHParamsFile (only affects HTTPS): Allows you to set the Diffie-Hellman parameters when using OpenSSL. Read more about it here.
    • New property ServerController.MobileOptions: allows you to set a custom ViewportTag. This tag is used when rendering for mobile devices.
    • New unit IW.Parser.UTF8.pas (contains TIWUTF8ContentParser). This content parser replaces standard TUTF8ContentParser. The TUTF8ContentParser class has a critical bug in Delphi XE7 (not fixed in Update 1), and breaks all ISAPI applications. This new class fixes it. It also isolate us from future changes in built-in UTF8ContentParser.
    • New default cipher list (only affects HTTPS): We now use a default cipher list (when ServerController.SSLOptions.CipherList is left blank) tested as the best option to handle TLS, Forward Secrecy, DHParams, etc.
    • New content parser can now parse custom (RAW) content sent to an IntraWeb application using POST requests.
    • New property ButtonVisible on TIWFileUploader. When button is invisible you may call a JavaScript function “selectFile()” to show the file selection dialog box in browser.
    • Bug fix: On Internet Explorer IWLink could give a 404 error after Async Click.
    • Bug fix: Property NonEditableAsLabel was not working as expected.
    • Bug fix: TIWCustomEdit and descendant classes: ReadOnly controls should not be rendered disabled.
    • Bug fix: TIWLabel with AutoSize = True didn’t work as expected in some cases.
    • Bug fix: Under some special circumstances the session count could be negative.
    • Bug fix: When ServerController.SSLOptions.NonSSLRequest = nsBlock, the HTTPS server could be inactive.
    • Bug fix in IntraWeb Project Wizard: Bug fix: Disabled OK button when project name changed.
    • Bug fix: Under certain circumstances, increasing the zoom in browser could make the scroll bars visible.
    • Bug fix: Under certain circumstances, a DB aware control, rendered as disabled and made enabled during async calls would not submit its value, even though the property SubmitOnAsyncEvent = True.
    • Workaround for TWebResponse.AddCustomHeaders() bug (standard RTL/VCL unit): Multiple headers fields with the same name is buggy in TWebResponse implementation. This bug breaks ISAPI application when setting multiple cookies.
    • Modified: Removed inline styles from IWRegion,  TIWCustomComboBox, TIWCustomListBox, TIWLabel and descendant classes..
    • Modified: Improved handling of style attributes when processing an Async (AJAX) response.
    • Modified: UseSize property is not displayed in Object Inspector for TIWCustomImage, TIWCustomListBox and TIWCustomComboBox (and descendant) classes. This property should be controlled via StyleRenderOptions.RenderSize property.
    • Modified: When changing style attributes of some control during an Async request, whenever possible, the internal style (the
    • Improved TIWHRule control.
    • Many performance optimizations on server side.
    • Many improvements and optimizations on IW JavaScript libraries.


    • New property AjaxErrorMode added to ServerController.JavaScriptOptions. Possible values are emAlert, emConsole and emNone.
      Before IntraWeb 14.0.33, when an Ajax request failed (bad communication channel, server offline, etc.) the application didn’t report any error to the user and the Ajax subsystem became inoperative until a full post back to the server. This property controls the behavior when some Ajax request is aborted.
        • emAlert: An alert is shown to the user containing the error message
        • emConsole: The same error message is logged to the browser console as an error
        • emNone: Does not show or log any error message

    In all 3 cases above, the Ajax subsystem will continue to work after such error is detected.

    • Bug fix: IWRadioGroup and IWDBRadioGroup JavaScript error after an Async update
    • Bug fix: Fixed license registration error when installing IntraWeb on Delphi / RAD Studio XE7
    • Fixed minor JavaScript errors


    • New Delphi / RAD Studio XE7 support
    • JavaScript generated by IntraWeb rendering engine to handle AJAX requests was largely refactored and simplified. This alone greatly reduced the size of the final HTML generated by IntraWeb. In some AJAX-intensive test applications this reduced the size of the final HTML up to 60%!
    • New event in ServerController: OnLogException:

    TOnLogExceptionEvent = function(const ReportInfo: TStrings): Boolean of Object;

    This event is generated AFTER IWExceptionLogger has created its exception report, but just BEFORE the report is saved to file or sent to the event viewer. This event gives the IntraWeb developer a chance to do whatever he wants with the exception report  (save to database, send via FTP, send to email, etc.). The result of this event indicates whether the report generation was handled, meaning that: Result = TRUE indicates to IWExceptionLogger that it should NOT save the log file. Read more about this here.
    • New property PreCompress added to ServerController.Compression options. When TRUE, IntraWeb will compress all internal JavaScript files during its startup. This significantly improves IntraWeb performance in SA, ISAPI and IWLib applications. Read more about this here.
    • New RequestAuth() method was added to TContentBase and TContentForm classes
    • New IWApplication.CookiePath property: This property should be used to define the cookie path when saving custom cookies.
    • New events added to TIWRectangle: OnAsyncClick, OnAsyncDoubleClick, OnAsyncKeyDown, OnAsyncKeyUp, OnAsyncKeyPress, OnAsyncMouseDown, OnAsyncMouseMove, OnAsyncMouseOver, OnAsyncMouseOut, OnAsyncMouseUp
    • Added mtGZIP MIME type to TIWMimeTypes
    • Modified: IntraWeb now sends 404 instead of 500 when internal resource is not found
    • Modified: TIWCustomListBox and descendant controls now allow empty NoSelectionText
    • Bug fix: SendFile() calls fixed. This bug causes IntraWeb server not to delete some files after being served.
    • Bug fix: Workaround for buggy Delphi’s AddCustomHeaders implementation. This fixes an issue with multiple cookies in ISAPI applications
    • Bug fix: ServerController.AuthBeforeNewSession restored.
    • Bug fix: TIWCustomRadioGroup rendering when Layout =  glHorizontal
    • Bug fix: TAndroid (Android Stock Browser) detection fixed
    • Bug fix: minor bug fix in EIWException class
    • Bug fix: Fixed SelectedValue property in TIWDBLookupComboBox and TIWDBLookupListBox components
    • Bug fix: Fixed TIWFilePath class: Replacing TPath with ExtractFilePath/ExtractFileExt functions because invalid chars in the path name raises an exception when using TPath methods
    • Bug fix: Fixed IWCheckBox cursor
    • Bug fix: Terminate session during form creation now works as expected
    • Bug fix/Workaround: We detected that, under very specific circumstances, SAMSUNG Android devices running Android 4.2+ and Android Stock Browser, do not trigger IWComboBox.OnAsyncChange event. This does not affect any other Android device vendor/version/browser.
    • Lots of default properties added, meaning that default values won’t be saved to DFM files.
    • Lots of other minor bug fixes and improvements.


    • New event handler in ServerController: OnExecuteRequest:

    TOnExecuteRequest = procedure(const Url: string; Request: THttpRequest; aReply: THttpReply; var Handled: Boolean) of object;

    This new event replaces the old OnBeforeDispatch event, where you could build your own custom reply for a specific request and set the Handled var to true, so IntraWeb would not process the request. We decided to create a new event to handle this, without breaking the existing OnBeforeDispatch event.
    • New property in ServerController: LogSessionEvents. When TRUE, IntraWeb will create a global log file containing all requests that require a session. Read more about this here.
    • New property in ServerController: SecurityOptions.CheckFormId. When TRUE, IntraWeb will generate a unique FormId hidden field for each IWForm instance. This ID is then checked when the form processes a request. Read more about this here.
    • Modified: Session ID is now longer and coded using Base64. The side effect is that Session Id strings are case sensitive now and contain both upper and lowercase chars. This should be transparent to most – if not all – IntraWeb projects.
    • Modified: Hidden fields starting with IW_ are always submitted during Ajax requests (any Async event)
    • Modified: When processing Ajax responses, all errors are sent to the console window as errors
    • Modified: Improved and faster session locking mechanism. For instance, multiple threads can read the total number of active sessions at the same time.
    • Modified: Now ASPX IW libraries can run from IIS root (meaning that you can deploy it using http://www.yourdomain.com)
    • Modified: Using <meta name=”viewport” content=”width=device-width, initial-scale=1″> for mobile browsers, not only Safari Mobile.
    • Bug fix: Access violation when closing a project/form containing a TIWTreeView inside a TFrame
    • Bug fix: in SA (desktop) server Total Bytes counter max value was 2 Gb
    • Bug fix: THTTPServerIndy.InitComponent should not nil the class var mIOHandler


    • Bug fix (setup): Under some circumstances, the detection of Delphi IDE could fail
    • Bug fix: navigation/record location in IWDBGrid could fail under some circumstances.
    • Bug fix: RunParams are now being correctly encoded
    • Bug fix: Removed a div rendered inside header when using templates
    • Modified: When IW detects that the browser is a mobile version the view port tag is included in page header: <meta name=”viewport” content=”width=device-width, initial-scale=1″>
    • Other small fixes and optimizations


    • Bug fix: Wrong conversion of unicode chars received during some requests when using SA server. This was due Indy 10.6.0 upgrade in version 14.0.29. Does not affect ISAPI applications.
    • Bug fix: Minor bug in IWAjax.js JavaScript library could cause a JavaScript error in IE 10 and 11
    • Bug fix: Registration of IntraWeb 14 Bundled in Rad Studio XE6 could fail
    • This version is binary compatible with version 14.0.29


    • New: Includes Delphi / Rad Studio XE6 support
    • New: IntraWeb now uses a branch of latest Indy 10.6.0 (same deployed with Delphi XE6)
    • New: SA servers now can use TLS 1.0, 1.1 and 1.2 when using HTTPS. TLS 1.2 is now default (and the recommend setting for maximum security).
    • New: Cookies may now be Secure and HttpOnly depending on ServerController.CookieOptions settings. User cookies may also use this feature.
    • New property TIWControl.LockOnAsyncEvents property. You may use this property do show the standard IWLocker (locking the browser window) during specific async requests requiring long time to complete.
    • New: In TIWButton, events OnAsyncMouseMove, OnAsyncMouseOver, OnAsyncMouseOut are now published
    • New: Opera Next detection (TOperaNext class in IW.Browser.OperaNext unit). Opera Next descends from TWebKit browser.
    • New:TIWAppCache now has a class property named TempFilePrefix. Set this property to change default cache file prefix. Default value is ‘ATZ’.
    • New: When callback functions are not found on callback list, a message is written to browser console. If ServerController.JavaScriptOptions.Debug = True, then this message will be logged to browser console window.
    • New ASPX module binaries, compatible with IW 14.0.29 packet version. IW 14.0.29 applications deployed as ASPX modules must use latest ASPX binaries.
    • Modified: TIWFile and its unit were made deprecated. Compiling projects containing references to TIWFile will generate deprecated warnings. TIWDBFile moved to IWCompFile unit and deprecated as well.
    • During TIWForm.OnCreate and OnRender events, TIWApplication.FormWidth and FormHeigh properties are correctly set even before creation/rendering of the application main form.
    • Bug fix: Pathname parameter in TContentIWP class was not being used inside Execute() method, causing it to fail.
    • Bug fix: Application could fail when URL parameters contains spaces
    • Bug fix: During async calls IWEdits could render as disabled when enabled and ReadOnly
    • Bug fix: Under some specific circumstances IWExpiredSessionList could leak memory
    • GenerateSessionID modified to avoid session id collision
    • All IntraWeb packages compiled using {$IMPLICITBUILD OFF} directive (same as Explicit Rebuild option)
    • Other Small optimizations and improvements


    • Bug fix: Error in JavaScript function would break the new back button feature when deployed as ISAPI
    • This version is binary compatible with version 14.0.27


    • Bug fix: Under specific circumstances, IWRegions owned by TFrame objects could be rendered with wrong alignment
    • Bug fix: IWRectangle would render wrong border width in strict mode
    • Bug fix: Fixed a Range Check Error when creating a IWGrid at runtime in C++ Builder. This bug is not reproductible in Delphi.
    • Bug fix: TIWServerInternalFiles.WriteAllToDisk() method could fail
    • Bug fix: Creation of IWLicenseKey.obj when installing IntraWeb for C++ Builder XE5 could fail
    • Bug fix: Fixed possible XSS vulnerability when starting session with parameters containing <script> and other vulnerable tags. Read more about it here.
    • New Back Button prevention feature. Read more about it here.
    • New session restart feature. Read more about it here.
    • More information added to TIWExceptionLogger log file, like: number of active sessions, session ID, session last access date/time, client IP, path info and request method (POST/GET).
    • Better error message if insertion of a newly created session in session list fails
    • New property TIWApplication.InitProc. Code added to IWApplication.InitProc property works just like code added to IWForm.InitProc using TIWForm.AddToInitProc(). When you add custom JavaScript code to WebApplication.InitProc, IntraWeb will add this code to the Initialize() JavaScript function (in the generated page) whenever it renders a IWForm. After that, the InitProc property is cleared.
    • Deprecated property: ServerController.HistoryEnabled property is now write-only, meaning that, in practice, you can’t use it. It still exists and won’t generate error messages when IDE loads your project, but you should not use it anymore. Instead, use the new property BackButtonOptions.
    • Session ID generation was modified.


      • Bug fix: When session was started without explicit start command (/$/Start), run parameters could not be retrieved
      • Bug fix: IWContainer’s OnRender could fire twice if the container was owned by a TFrame
      • Bug fix: In SA servers, Opera browser detection could fail
      • Bug fix: TIWCallBacks.QualifiedName() could return wrong names for callbacks if it was registered during IWForm creation
      • Bug fix: SendFile() could delete the file when using Internet Explorer
      • Bug fix: TContentIWP was not writing content to Reply
      • Bug fix: When trying to serve static files with wrong addresses (404 status code), IntraWeb would create additional temporary sessions
      • Bug fix: Fixed a memory leak in stand alone server. It affects only Stand Alone applications running as a desktop application, not as a service.
      • IWExceptionRenderer links now contain the WebApplication start parameters when applicable. When a session started with some start parameters (like expires the “Restart” link also contain the parameters. IntraWeb now keeps track of expired sessions and it is possible to detect when a specific session expired and also its start parameters. This subject is quite broad and should be covered in a separate blog post.
      • Modified generated HTML: now IntraWeb renders CSS files first and then all JS files and code
      • Workaround for Delphi x64 memory leak when Indy silent exceptions were raised. This issue only affected IntraWeb x64 applications compiled as stand alone servers.
      • Workaround for ERR_RESPONSE_HEADERS_MULTIPLE_CONTENT_DISPOSITION error in Google Chrome when uploading files containing commas in file name.
      • Workaround for ISAPI IW applications on Apache: When generating custom error pages (like SessionTimeout) containing status code = 500, Apache won’t send our custom HTML, replacing it with its own error message. To avoid that, IntraWeb now generates status code = 501 (Not implemented) instead of 500, when deployed as ISAPI in Apache. Curiously, Apache server sends other server errors (status code > 500) just fine. Deployment under IIS is not affected.
      • MultiPart file uploads (Internet Explorer) was rewritten. It is now faster and also avoids the load of the whole file in memory
      • Added method UnregisterCallBack() to IWApplication class. Using it you can unregister a previously registered Callback function.
      • Many optimizations for speed. Using a new class TIWStringList internally (faster string search than standard TStringList)
      • New about box showing IntraWeb license information when accessing component’s context menu inside Delphi IDE
      • IWServerInternalFiles refactored. Much faster implementation.
      • New EInvalidAppID exception class. This exception will be raised when an invalid AppID is provided when trying to execute a non existing session
      • Indy’s constant IdMaxLineLengthDefault (declared in InIOHandler.pas) was made a typed constant, so the user can modify its default size. Default size was increased from 16 kb to 32 kb.
      • Default server variables are now being retrieved and can be accessed through THttpRequest object. The variables are: APP_POOL_ID, SERVER_ADDR, SERVER_NAME, SERVER_PORT, SERVER_SOFTWARE
      • New property LogCommandEnabled in ServerController. When enabled, your IntraWeb application will respond to /$/Log commands containing IntraWeb status (evaluation/registered) and other license information
      • New parameters in TIWApplication.GoToUrl method:
        • procedure TIWApplication.GoToURL(const aURL: string; const aReplaceUrl: Boolean = True; const aPrependBaseUrl: Boolean = True);


      • aReplaceUrl (boolean, default True): When true, IntraWeb will emit code to use window.location.replace() instead of window.location.href
      • aPrependBaseUrl (boolean, default True): When true, will add WebApplication.SessionUrlBase to the provided URL if the URL is relative


    • New in TIWServerInternalFiles:
      • method AddFromFile() in TIWServerInternalFiles. This can be used to load a resource from a file in disk:
    procedure AddFromFile(const aPhysFileName, aResName, aFileName: string);
    aPhysFileName: Name of file, including full path
    aResName: Name (identifier) of the resource in IWServerInternalFiles list
    aFileName: Name of the file used in the final HTML
    • Event OnResourceNeeded(). This event can be used to provide custom resources on the fly

    TIWResourceNeededEvent = procedure (const AFileName: string; out ResStream: TStream; out EnableCache: Boolean) of object;

    New demo in: http://iwdemos.codeplex.com/SourceControl/latest#Atozed Demos/XIV/Delphi/InternalFiles/

    • Modified StandAlone server main form. When IntraWeb is in evaluation mode, now it will show the reason in log window: License not found, License expired, Invalid license, etc. When a invalid license is used, the first 15 chars of the license will also be displayed in the log window. It will be easier to detect when a wrong key is used.
    • New LicenseRegistration program and registration procedures in IntraWeb setup. Now IntraWeb can use different license keys in a single machine when the user has multiple Delphi IDEs installed. When using LicenseRegistration program, the user must check the IDE to which the license key applies.
    • Optimization of Async code resulting in faster Async execution specially when many controls are updated in an async event.
    • Bug fix: IWFileUploader’s Enabled property now works as expected. Can also be set during Async events.
    • Bug fix: Some temporary files were not being deleted after used internally. This only occured if the packet was bigger than 32 Kb and the stream was flushed to disk. This is not related to cache files.
    • Bug fix: Build using Delphi 2009 and IntraWeb 14.0.24 could fail with message “Unit xxx compiled with a different version of yyy”
    • Bug fix: IW JavaScript function ProcessElement() could fail when trying to find an element if it was not parented by the Form. Some frameworks like jQuery can change the element parent.
    • Bug fix: Many DB Aware controls could still be editable if the associated DataSet field was made ReadOnly. This affects IWDBEdit, IWDBComboBox, IWDBLookupComboBox, IWDBListBox, IWDBCheckBox, IWDBMemo, IWDBRadioGroup and descendants.
    • Bug fix: Wrong font when rendering IWGradButton during async event


    • Bug fix: IWFileUploader could fail when uploading multiple small files
    • Bug fix: Show a IWForm during Async event could fail due a JavaScript error
    • IntraWeb 14.0.24 for Rad Studio XE5 was compiled with Update Pack 2


    • New property TIWForm.KeepAlive. When true, IntraWeb will generate JavaScript code that will send a special request to IWServer avoiding session expiration.
    • New method ReleaseAndRedirect() in TIWBaseForm. It can be used to release the current active form and redirect to other URL internal to the IntraWeb application, e.g. a registered content handler.
    • New properties of TContentBase (content handlers base class):
      • CanStartSession: Boolean;
      • RequireSessionStart: Boolean;
    • A Slim Reader/Writer lock object is used in TIWStandAloneServer and TIWServerInternalFiles instead of TMultiReadExclusiveWriteSynchronizer object. This new lock is available under Windows Vista and up, and should increase IW server performance under heavy concurrency/load.
    • New Event description tab in IWScriptEvents editor with some valuable information about JavaScript events
    • Modification in TIWBaseForm: ExecuteForm() and GenerateForm() methods were made static (non virtual). These methods now call DoExecuteForm() and DoGenerateForm() virtual (protected) methods.
    • Bug fix: User cache directory is deleted when session expires. Modification in routines responsible for cache directory removal. In our tests it fixed cache directory removal when application terminates.
    • Bug fix: TIWDBCheckBox could raise an exception during rendering when attached to a empty DataSet
    • Bug fix: When deploying the application as ISAPI, session tracking without cookies would fail
    • Bug fix: When a IW application was compiled with runtime packages, TIWAppInfo.GetAppFullFileName was returning the name and path of the BPL file, not the EXE/DLL main file
    • Bug fix: TContentRedirect could fail if ServerController.AllowMultipleSessionsPerUser = True
    • Bug fix: IW Splitter didn’t work with Internet Explorer 11


    • ServerController.OnBackButton should work as expected now. The method signature changed, though:
    TOnBackButtonEvent = procedure(var VResyncInfo: TIWResyncInfo) of object;
      TIWResyncInfo = record
    CurrentTrackId: Cardinal;
    SubmittedTrackId: Cardinal;
    FormName: string;
    FormClassName: string;
    ExecuteForm: Boolean;
    SetActiveForm: Boolean;
    RecreateActiveForm: Boolean;
    Handled: Boolean;
    • TContentForm was greatly extended and improved. TContentBase.Execute method changed signature. There is a new parameter named aParams.
    function Execute(aRequest: THttpRequest; aReply: THttpReply; const aPathname: string; aSession: TIWApplication; aParams: TStrings): boolean; virtual;
    • Bug fix: Put a frame on a IWForm during design time should work now. This bug fix was listed in version 14.0.19 history but it was not included.
    • Bug fix: Under some circumstances a CallBack call could raise an access violation when updating controls with invalid values.
    • Bug fix: IWTimer inside frames was not tiggering async events.
    • Bug fix: IWDBCheckBox could raise an exception during rendering if the underlying DataSet was empty.
    • GoToURL is now using window.location.replace, instead of META REFRESH tag. his method now has a new parameter aPrependBaseUrl. The session base url will be used to prepend relative URLs if this parameter is true.
    • Lots of internal improvements and other optimizations


    • Bug fix: RunParams were not being updated when using /$/Start (explicit start of a new session)
    • Bug fix: Fixed an Access Violation when working with Frames when its owner was not a IWForm
    • Bug fix: Regression bug when uploading files with unicode chars in file name
    • TIWBrowser: Detection of IE 11
    • Cache control header fields removed from response when calling WebApplication.SendFile() and SendStream() methods and the browser is Internet Explorer.
    • Modified: ServerController.CheckSameUA default value is now False
    • TIWURLWindow and TIWURL can be updated using async events
    • New property in TIWURL: TargetOptions.Mode: Allows you to specify tmNewWindow, tmBlank, tmSelf, tmParent, tmTop. tmNewWindow correspond to window.open(). You can read more about other options here.
    • Many refactorings and optimizations


    • Fixed a registration issue during IntraWeb setup. This issue could set IntraWeb to evaluation mode under some IDE’s.
    • Same code base of IW 14.0.19


    • ServerController.ServerVariables (TStringList) public property added. When deploying as ISAPI you may add to the list all the server variables that you need to access in run time (ISAPI implementation won’t allow us to list all server variables, so you have to name tham in advance)
    • Property RenderEmptyAsSpan added to TIWDynamicImage and descendants (TIWImage, TIWDBImage). It allows you to have an IWImage initially empty, and then change it during Async events.
    • Added MasterTemplate property to TIWTemplateProcessorHTML. This allows you to use a different master template.
    • TSessionTimeoutThread rewritten from scratch. Now it has better performance, consumes less resources and does less context switches.
    • RenderBorder property added to TIWStyleRenderOptions. Not all controls have borders, but when applicable, it controls if IntraWeb rendering engine will render border style for some controls (TIWCustomEdit, TIWCustomMemo, TIWCustomListCombo and descendants)
    • New events for TIWFileUploader: OnAsyncUploadSuccess and OnAsyncUploadError. These events might be used to update form controls after a file upload. OnAsyncUploadCompleted event cannot be used for that. The purpose of OnAsyncUploadCompleted is to process (save) the received file, only.
    • New TChromeMobile browser class to handle Chrome browser under Android and iOS.
    • Added support for IIS URL Rewrite module (ISAPI)
    • Bug fix: When using IE8 + SSL, WebApplication.SendFile() or SendStream() could fail due a IE bug. In this case, all cache control HTTP headers cannot be present in the response.
    • Bug fix: TIWFileUploader would fail if using IE 8/9 and file name contains unicode chars.
    • Bug fix: Unlocking the session in GetSession() method if ServerController.DoNewSession raises an exception. This error could freeze the application.
    • Bug fix: in TIWCustomEdit.HookEvents() a missing semicolon could cause a JavaScript error.
    • Bug fix in TIWBaseComponent. When a TIWBaseComponent descendant was destroyed during an Async call, the Parent container was not notified. This could cause an Access Violation when rendering the same IWForm again.
    • Bug fix: RenderAsync is now using HTMLWidth and HTMLHeight
    • Bug fix: When using WebApplication.SendFile() and SendStream() the method GenerateForm() should not be called.
    • Optimization of MergeTemplates() function. This function is used when you use both master and form templates. It might be up to 40% faster now.
    • Many other bug fixes and optimizations


    • Delphi / RAD Studio XE5 support


    • Modified: IWComponentsChanged() now notifies its parent IWContainer. Needed for proper creation/destruction of controls during Async events.
    • Modified: IWTimer.RenderAsync() now allows a timer interval to be set to a different value during Async events
    • Bug fix: JavaScript function SubmitClickConfirm() was not posting a request for IWTimer
    • Bug fix: If a IWComboBox has Editable = False and NonEditableAsText = True and ItemsHaveValues = True, the rendered text was incorrect.
    • Bug fix: IWFileUploader working with IE8 could corrupt some type of files. We have detected this problem with JPG and BMP files. Other files were not affected, though.


    • New property ServerController.SecurityOptions:
      • CheckSameIP: Will raise an EIWSecurityException if a different IP is used in a subsequent request using the same Session ID. Default True.
      • CheckSameUA: Will raise an EIWSecurityException if a different user agent string is used in a subsequent request using the same Session ID. Default True.
      • ShowSecurityErrorDetails: If false, will omit the error message when one of the above checks fails. Default True.
    • New property ServerController.SSLOptions.CipherList: Using this property you can specify a list of ciphers to used by SA applications (Indy) when using SSL. Read more here. When this property is empty, it will use the value of THTTPServerIndy.DefaultCipherList (class property – public). The default value is ‘RC4+SHA1+RSA’, i.e. IntraWeb SA applications are secure against BEAST attack without any special configuration, when using SSL.
    • Modification to IWAppCache.AddFileToCache(): Now it allows developers to add an existing file outside the CacheDir folder to the cache. The original file is copied to the CacheDir and the URL to this file is returned. The copied file always has .tmp extension. If the same file is added more than once to the cache, it is not copied again, and the result is an empty string.
    • Modifications to TIWCustomEdit, TIWCustomCheckBox, TIWCustomRadioGroup, TIWCustomRadioButton rendering. Now these controls (and descendants) should have a perfect size/alignment in different browsers.
    • WebApplication.TerminateAndRedirect() does not use an exception for flow control anymore.
    • “Expires” and “Date” HTTP header fields are now included in responses with code 304 as required by HTTP/1.1 spec.
    • Bug fix: Chrome and some versions of IE requires Cache-control header field to be present in responses with code 200 to properly load static resources (JavaScript, CSS, Images, etc.) from browser cache. In this version we added a default header field “Cache-control: private” in all cached responses with HTTP code 200. Default cache control may be changed using the class property THttpReply.DefaultCacheControl (type string, unit IW.HTTP.Reply.pas). Possible values are “public” and “private”.
    • Bug fix: If session was terminated during its startup the message was not shown to the user
    • Bug fix: removing path received when a file is uploaded using IWFileUploader.
    • Bug fix: In TContentHandlers, if some handler was registered using a path like “/mypath/mysubpath1/mysubpath2/”, it would not respond for sub-paths like “/mypath/mysubpath1/”.
    • Bug fix: Under some circumstances a post request could trigger an “cannot find submit component” error
    • Bug fix: IWDBCheckBox and IWDBRadioGroup didn’t update DataField values
    • Bug fix: under some rare circumstances, TIWContainerContext.Destroy could raise an access violation error
    • Bug fix: IWImageFile with OnClick event handler, if disabled using an Async call, would not trigger OnClick() again after being enabled.
    • Bug fix: Under some circumstances, changing the text/value of other visual controls inside IWRadioGroup or IWCheckBox OnClick event handler would cause the control to render an old/outdated text/value.
    • Bug fix: IWCheckBox didn’t trigger OnChange() event if no OnClick() event was assigned.


    • Bug fix: Under some circumstances, IWForm.GenerateForm() could raise an Access Violation when accessing PageContext property.


    • New AJAX speed optimization: Widely optimized Ajax core processing methods, using a hash table to locate components in IWForms. Async methods calls should be significantly faster than prior versions. This is the same code used in IntraWeb XII (introduced in version 12.2.13).
    • New: Property ServerController.CookieOptions.UseCookies. When false, IntraWeb application will use a mixed mode (URL/Hidden fields) to track user session. This new feature is in experimental stage and should only be used when cookies are a real issue (e.g. using an IntraWeb application inside a IFRAME and 3rd party cookies are disabled). Applications MUST have ServerController.AllowMultipleSessionsPerUser = True to use the application without cookies. More about session tracking without cookies will be covered in a new blog post.
    • New version of ASPX deployment binaries (under ASPX subfolder). These modules must be used with any IW library created with IW 14.0.13+.
    • Refactoring and optimization of TIWCompressor, used in SA output compression.
    • Bug fix: Fixed IWTabControl painting at design time
    • Bug fix: IWFileUploader was not working if ServerController.AllowMultipleSessionsPerUser = True
    • Bug fix: TIWFileUploader’s FileList was being erased during a new request
    • Bug fix: In IE 10, IWRegion used as splitter didn’t work
    • Bug fix: When using templates, the style attribute of the BODY tag, if present, was being replaced by IWForm’s own body style attribute when template was rendered.
    • Bug fix: JavaScript error was preventing IWProgressIndicator to render properly.
    • Bug fix: IWListBox under IE8 was not showing items rendered during Async methods
    • Bug fix: Under some circumstances an error with message “could not find submit component” could occur during a submit.
    • Bug fix: THsmStream overrides the correct version os SetSize with Int64 parameter
    • Bug fix: under specific circumstances IWCheckBox and IWRadioGroup may not update other control’s value during an async request
    • Bug fix: under some rare circumstances changing TIWCheckBox or TIWRadioGroup value during an AJAX request would not update the control
    • Bug fix: Application time-out exception could not be raised when OnException event is assigned on TIWServerController
    • Bug fix: If ServerController.AllowMultipleSessionsPerUser = True, changing forms during an Async call could fail
    • Bug fix: Fix reading the stream of cached files in ISAPI application
    • Bug fix: In ISAPI setting the URL for a cache file could return wrong URL
    • Setup change: Latest CrossTalk (1.0.60) is included in IntraWeb setup as an optional component. IntraWeb does not require CrossTalk currently, but in the future some new parts of IntraWeb may use CrossTalk. We are rolling it into install to simplify and prepare for these new features. CrossTalk users should uncheck this component to avoid conflicts.
    • Many optimizations and refactorings.


    • New option in Stand Alone Server (GUI application): There is a new option under “Browser” menu to save current settings to the .iwb config file.
    • New properties of TIWServerController class: SearchEngineOptions and JavaScriptOptions.
      • in JavaScriptOptions:
        • UseUncompressedFiles: If true, IntraWeb will use uncompressed JavaScript files. If false, compressed JavaScript files will be used. (Default = False). Please note that now the compressed files were concatenated for better performance, and only 2 main files (required by every IWForm) are used: IWBase.js and IWLib.js. This modification alone greatly improves the session startup time, because the browser now requests only 2 JavaScript files instead of 7.
          • IWBase.js = IWBrowser.js + IWPreScript.js + jQuery.js + jQueryMaskedInput.js.
          • IWLib.js = IWCommon.js + IWCL.js + IWAjax.js.
        • Debug: Replaces the old DebugJavaScript property. When true, some debug messages are sent to the browser console window.
    • Many IW controls had their HTML rendering methods refactored and fixed to comply with HTML 5 specification. A blank IWForm is now 100% compatible with W3C HTML5 spec and may be validated using W3C Validator . Most of IW controls comply 100% with HTML 5, but still work as expected when using HTML 4.
    • Removed many <META> tags when rendering IWForm in HTML 5. Removed tags do not comply with W3C HTML5 specification.
    • New: When calling WebApplication.NewWindow() you can include the option “woDetectBlock”. When present, IW will detect if the popup window was blocked, and show an alert message to the user.
    • New: The IntraWeb main thread is named “IW Main Thread”. Inside Delphi IDE, using View -> Debug Windows -> Threads, you can distinguish the main thread of IW application.
    • New: The unit IWRtlFix was added to every new IntraWeb project created using the application Wizard.
    • New: IWUserSession has a new property WebApplication, and also a new overloaded constructor. This allows you to access the WebApplication instance in the same way you do inside IWForms. Note: You MUST test WebApplication for nil values before using it. There is no guarantee that IWUserSession.WebApplication will return a non nil value.
    • Changed: The code to create a new TIWUserSession instance has changed. Note that there is a second parameter where the TIWApplication instance is passed to the constructor. The old form (without the second parameter) still works as expected.
    procedure TIWServerController.IWServerControllerBaseNewSession(
    ASession: TIWApplication);
    ASession.Data := TIWUserSession.Create(nil, ASession);
    • Breaking change: If ServerController.DocType or IWForm.DocType are both not specified, IntraWeb will render using “DOCTYPE HTML>” (HTML 5). If you want the IW application to behave like HTML 4, you must specify the correct doc type for your application. You may have forms with different DocType as well. IWForm’s DocType property has precedence over ServerController.DocType.
      • Note: The recommended DocType value for HTML 4 is: DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN” “http://www.w3.org/TR/html4/loose.dtd”>
    • Bug fix: Async rendering of IWComboBox when NonEditableAsLabel = True was not working as expected. Paint of IWComboBox in design time when ItemsHaveValues = True was not working as expected.
    • Bug fix: WebApplication.Terminate() was not working and could raise an exception “Uninitialized reply”.
    • Bug fix: Starting a new session with a URL containing /$/Start/?Param1=Value1 was not working
    • Bug fix: Error when setting ServerController.URLBase
    • Bug fix: Fixed IsMobile property for TOperaMobile, TFirefoxMobile, TSafariMobile and TAndroid classes
    • Bug fix: TContentHandlers could raise an exception with message “Operation not allowed on sorted list”.
    • Bug fix: ServerController.CacheDir didn’t accept empty value during design time
    • Bug fix: When a new Intraweb application is created using the wizard and the option “Pool data connections” was selected, the event OnNewSession had the wrong method signature.
    • Bug fix: Under some circumstances the SA application (GUI) could freeze. This was happening because an Indy thread was being blocked by a SendMessage() call in the main thread.
    • Bug fix: IWMenu didn’t work as expected in Opera browsers.


    • Bug fix: Cache files might not be served correctly. This bug only affects ISAPI deployment.


    • New property HttpKeepAlive in ServerController
    • New TFirefoxMobile class
    • New unit containing TIWMimeTypes class
    • New property TBrowser.IsMobile. This property is true when IntraWeb detects that the user started a session using a mobile browser
    • New property SessionInternalUrlBase added to TIWApplication class
    • Added PreHeader published property to IWBaseForm. PreHeader works just like ExtraHeader, but it is rendered BEFORE any script/css files. ExtraHeader is rendered at the end of head block:
    • Bug fix: Compression was not working in SA
    • Bug fix: Authentication was not working as expected
    • Bug fix: <NOSCRIPT> section of HTML was not in accordance with the standards.
    • Bug fix: Changing visibility of RadioGroup during Async events doesn’t work in IE 10
    • Bug fix: IWRadioGroup doesn’t trigger the OnAsyncChange in IE
    • Bug fix: In class TIWCustomObject, if StyleRenderOptions.RenderSize is false, then IntraWeb won’t render sizes now. This affects TIWMPEG, TIWFlash, TIWQuickTime, TIWActiveX and any TIWCustomObject descendant.
    • Bug fix: TIWFileUploader.SaveToStream() method was raising exception
    • Bug fix: Some unhandled exceptions during Async events were not being shown in browser
    • Bug fix: TContentHandlers may not work if the session was not started
    • Bug fix: Start parameters were not showing in URL even though SC.ShowStartParams = True
    • Bug fix: A check was added to IWAjax.js to avoid “Invalid argument” JavaScript error under Internet Explorer 8.
    • Bug fix: TIWGradButton was not rendering correctly under Android stock browser.
    • Bug fix: AV could occur during design time if a IWFrame was created and the inner IWFrameRegion was deleted.
    • Bug fix: When IWRegion.Visible property was set, the internal method Invalidate() was called, even when the “visible” property didn’t actually change. This was causing code like “IWRegion.Visible := True” to render IWRegion again during async events, even when not needed at all.
    • Bug fix: When setting properties of IWFont during async events, the internal method IWFont.DoChange() was triggered and it caused the control to be rendered again even when not needed.
    • IWFont rendering was refactored. overloaded FontToStringStyle() method without parameters (TBrowser instance is not needed to IWFont rendering anymore). IWFont rendering should be much faster when rendering controls during async events.
    • Workaround for Chrome issues when receiving HTTP code 304 (Not modified): When IntraWeb responds with code 304, header fields “Content-Type” and “Content-Length” are not sent anymore.
    • Added check to IWCustomControl and IWCustomRegion’s get_HTMLHeight() and get_HTMLWidth() getter methods. If the resulting value is lower than zero, then zero will be returned. Most browsers ignore something like “object.style.width = -2px” but Internet Explorer may show errors.
    • JavaScript: Removed hint in FireFox (usage of document.all) and various refactorings
    • JavaScript: Removed old global vars in IWCommon.js. All code is now using IWBrowserObj class
    • Restored functionality: In Stand Alone Server speed simulation and logging were not working
    • Changed: MakeTempFile() function to avoid repetition of temporary and cache file names in subsequent runs of the same application
    • Changed: TIWAppCache class: ctOneTime is now the default cache type
    • Changed: Temp folder removal routines. We are now changing directory (to the executable directory) before the temp folder removal.
    • New methods of TIWAppCache: NewTempFileName() and AddFileToCache(). TIWAppCache class methods should be used instead of old ServerController.NewCacheFile() method.
    • IWRtlFix added
    • MP3 and OGG file extenions are now served as static files
    • Lots of other minor optimizations


    • Bug fix: Upgrade licenses (Personal to Standard, Personal to Ultimate, Standard to Ultimate) were accepted during setup, but the compiled executable was still using evaluation version. This issue only affects these 3 types of licenses:
      • Upgrade Personal to Standard Edition
      • Upgrade Personal to Ultimate Edition
      • Upgrade Standard to Ultimate Edition
    If you are not using one of these licenses, this update is optional.


    • New: Added Delphi and Rad Studio XE4 support!
    • New: ASPX Deployment!
    • New: A new type of IntraWeb project was added to IntraWeb Application Wizard: IW Library (for Delphi only in this first release). This new type of project is used with ASPX deployment.
    • Modified: IntraWeb application wizard now saves its state in Windows Registry. The type of project and the root folder are “remembered” the next time you run the wizard. Also, the project name is appended to “Base Directory”, creating a new directory for the project. So, if your “Base Directory” is “C:\IntraWeb Projects” and your project is named “MyProject”, the wizard will create a new directory named “C:\IntraWeb Projects\MyProject\” for this new project.
    • Modified: Removed exception when setting cookies with HTTP code <> 200.
    • IntraWeb setup changes:
      • Not it requires administrator privileges
      • The setup now uses the previously selected directory.


    • New: TIWExceptionRenderer class. Read more about it here.
    • New: TIWAudio control. Read more about it here.
    • Added SessionCookieOptions to TIWServerController class. Now IntraWeb application are using real session cookies by default. Property CookieNameSuffix was removed from TIWServerController and added to SessionCookieOptions. In projects with non empty CookieNameSuffix property, just open the project/ServerController, ignore the error and set SessionCookieOptions.CookieNameSuffix to the old value.
    • Modified: TIWServerInternalFiles we are now using TMultiReadExclusiveWriteSynchronizer instead of TCriticalSection
    • Modified: ClearSessions is being called before closing SA main form.
    • Bug fix: An access violation could occur during callback calls if Session.ActiveForm was nil.
    • Bug fix: An ampersand ‘&’ char in message could make WebApplication.ShowMessage fail.
    • Bug fix: TAutherIni was not thread safe.
    • Bug fix: Long redirect URLs could make redirection fail in Internet Explorer, when using SA.
    • Bug fix: Fixed onload DOM event not firing for elements like <img>
    • Bug fix: After session expiration a new request would automatically create a new session instead of showing the “Session timeout” page.
    • Many small refactorings and bug fixes.


    • New: TIWExceptionLogger class. This class can log all exception within your IntraWeb application to a log (text) file, or to the Windows Event Log. Read more about it here.
    • New unit/class added: IW.Common.AppInfo.pas. This class replace various IW.Common.System old routines. Read more about it here.
    • Two new properties of class StyleRenderOptions:
      • RenderPadding (Default true): When true, will add “Padding” property to IWControls when rendered. The default padding value is zero. Padding value will be added in a future version
      • UseDisplay (Default false): When true, will use “display: none” to control IWControl’s visibility. IWRegion’s UseDisplay property should be set to TRUE whenever you change its visibility during an async event. This is a workaround for IE 9 bug when toggling IWRegion visibility during async events.
    • Bug fix: TIWGradButton was not being registered in the component pallete.
    • Bug fix: TIWURLWindow was working correcly only in Internet Explorer, failing in other browsers.
    • Bug fix: Fixed parameters in C++ Builder templates. This was requiring manual fix to the C++ Builder code generated by IntraWeb application wizard.
    • Bug fix: Fixed namespaces in C++ Builder HPP files. This was preventing C++ Builder IntraWeb applications to compile correctly.
    • Bug fix: When using templates, the order of internal JavaScript files in the generated output was not correct. Now it conforms with form rendering, without templates.
    • Bug fix: memory leak in IWStandAloneServer.
    • Bug fix: ServerController.CacheDir will not be filled at design time.
    • Bug fix in registration procedures.
    • Bug fix in IntraWeb setup. Now setup is correctly adding library path to IncludePath and LibraryPath C++ Builder options.
    • Modification to TIWServerInternalFiles.InternalAdd. Now internal resource may be replaced at runtime with other resources with the same name.


    • New: TIWGradButton control. First released for IntraWeb XII now ported to IntraWeb XIV. Read more about this control here.
    • Installer bug fix: Some Obj files were not being installed. InHTTPWebBrokerBridge.dcu was not being installed.
    • Bug fix: IWFileUploader was not working correctly because of an error in the associated minified JavaScript.
    • Bug fix: Under some circumstances, when destroying a IWForm containing TIWTabControl an Access Violation could occur. TIWTabControl, although not the owner of its IWTabPages, is now destroying all parented pages, during Dispose() method.
    • Modified: DefaultFontFamily is now class var of TIWFont


    • IntraWeb 14.0.5 supports Delphi / Rad Studio 2009, 2010, XE, XE2 and XE3*
    • Bug fix: Due to a failure on build process, IWInit.dcu and/or IWStart.dcu might not get installed. Affects D2009, D2010, XE and XE2 users. Doesn’t affect XE3 install.

    This new build is the same 14.0.4 version. Only the setup was changed. If your 14.0.4 installation is working, there is no need to update.

    * XE2 users must install at least Update Pack 2. XE3 users must install Update Pack 2


    • IntraWeb 14.0.4 supports Delphi / Rad Studio 2009, 2010, XE, XE2 and XE3*
    • Bug fix: HTTPS protocol was not working properly. Also, SSL redirections would fail.
    • Bug fix: Fixed 64-bit support.
    • Bug fix: TContentForm was not working properly
    • Bug fix: Command /$/Call, used for redirection, was not working
    • New unit IWFilePath created
    • Added field “filename*” to Content-Disposition HTTP header field. It allows to have UTF-8 file names in downloads (using WebApplication.SendFile/SendStream). This works in every modern browser, except Safari up to version 5.1.7. More information about “filename*” field you may find in RFC 6266
    • In Stand Alone server, there is a new information showing if the application was compiled as a 32-bit server or 64-bit server
    • Many refactorings and small bug fixes

    * XE2 users must install at least Update Pack 2. XE3 users must install Update Pack 2


    • Bug fix: Setting IWRegion.Visible to false during async may leave nested controls visible in IE
    • Bug fix: WebApplication.SendFile (or SendStream) may generate a “Reply type already set error”
    • Bug fix: TIWLink issue with WebApplication.TerminateAndRedirect
    • Bug fix: ISAPI or SA projects with ServerController.AllowMultipleSessionsPerUser = True may not work properly (broken links, images not loading, etc.)
    • Big fix: under very rare circumstances the license check was unable to detect the installed Delphi XE3 IDE
    • Core changes:
      • unit IWStrings merged with IW.Common.Strings
      • unit IWSystem renamed to IW.Common.System
    • Lots of optimizations and refactorings.

    TMS users: Due to merging/renaming, a new TMS update is needed in order to compile against this version. TMS should be releasing a new update soon.


    • New control TIWFileUploader. This new control replaces old TIWFile control. We are creating a new blog post to explain details about this new control.
    • New streaming classes and methods providing faster handling of requests and reponses, with lower memory consumption.
    • Bug fix: ISAPI application was broken in version 14.0.1. Now it should work as expected.
    • Bug fix: Expiration date/time of IntraWeb cookie is now fixed.
    • All bug fixes of version 12.2.12 – where aplicable – were also applied to version 14.0.2. Read more here.
    • Lots of optimizations and refactorings.