Features
-
jetsocat: make doctor returns links to x509.io (#1059) (ce68fdd1d3)
Returns a link to x509.io Certificate Viewer in order to inspect the
certification chain conveniently. -
dgw: shadowing player web-component (#1075) (5169f60622)
-
dgw: /jet/jrec/delete endpoint for mass deletion (#1093) (341d455f6c) (DGW-219)
A new endpoint not taking any parameter via the request path.
Instead, a list of session IDs is provided in the request body.
Improvements
-
dgw: disallow SCOPE tokens missing the jti claim (#1082) (78396b5e14)
DVLS generates this claim since its version 2022.1.9.
This version is almost three years old, and already completely phased
out, as such it’s more than reasonable to stop supporting this kind
of token.
Bug Fixes
-
dgw: the recording policy wasn't set for RDP via web (#1044) (01fb589311)
-
dgw: support for .cast files that have two slices with the same timestamp in recording player (#1054) (8ed5163f3a)
-
dgw: allow any header to be set in browser JavaScript HTTP requests (#1083) (0a7c80898a)
We don’t expose any header particularly sensitive from the Devolutions
Gateway, and the future HTTP bridge will always require a token which
is only issued on a per-need basis. In fact, in such cases we actually
want to allow virtually any header to be used for web-based integration
of various web services (e.g.: VMware dashboard).
The restriction imposed by the token requirement is strong enough. -
dgw: better custom recording paths handling in heartbeat endpoint (#1097) (c1d047c190) (DGW-218)
On Windows, the std::fs::canonicalize function returns
Windows NT UNC paths, but our code detecting the mount point does not
understand that.
We use dunce to handle that for us instead.