Release Date: 07.02.2023

Important Update Notes

Language Packages

In case your language packages have been modified, the attached delta-file delta_english_lp_5.6.0_to_5.7.0.txt can help you to locate the changes in this update and re-apply the modifications. The structure of this file is explained in Language Pack Changes.

Changes in this version

Button to re-generate an auto-generated password

With this button it is possible to re-generate an auto-generated password when the password suggested by the system contains unwanted characters or is too complicated.

Button to copy password to clipboard

With this button it is possible to copy the generated password to clipboard.

Added CSP header

The CSP header helps to detect and mitigate certain types of attacks, e.g. Cross-Site Scripting (XSS). For this purpose CSP header allows the client(browser) to access only certain defined resources. In the default configuration only resources from the server domain are allowed. To allow additional resources, the cryptshare.properties can be used. This can be the case by customizing the user interface (e.g. reference logo from other resources)

Possibility to validate the host header

As before, the Cryptshare Server will respond to HTTP requests regardless of the contents of the 'Host'-header. To protect against Host-Header-Injection-Attacks, the server can be configured to block requests with a Host-header that is not the canonical host of this system.

Additional Changes

• Information about deactivated features when changing the licence.
• Resolved an issue where the contact details are lost when navigating to "Terms of use".
• Added logo and title to admin login screen.
• Improved visibility of "Terms of use" link.
• Added link pointing to the download area for language packs.
• Several included third-party components have been updated.
• The Java Runtime Environment has been updated to version 11.0.18.