github Devolutions/devolutions-gateway v2024.3.4

latest releases: v2024.3.6, v2024.3.5
one month ago

Features

  • jetsocat: make doctor returns links to x509.io (#1059) (ce68fdd1d3)

    Returns a link to x509.io Certificate Viewer in order to inspect the
    certification chain conveniently.

  • dgw: shadowing player web-component (#1075) (5169f60622)

  • dgw: /jet/jrec/delete endpoint for mass deletion (#1093) (341d455f6c) (DGW-219)

    A new endpoint not taking any parameter via the request path.
    Instead, a list of session IDs is provided in the request body.

Improvements

  • dgw: disallow SCOPE tokens missing the jti claim (#1082) (78396b5e14)

    DVLS generates this claim since its version 2022.1.9.
    This version is almost three years old, and already completely phased
    out, as such it’s more than reasonable to stop supporting this kind
    of token.

Bug Fixes

  • dgw: the recording policy wasn't set for RDP via web (#1044) (01fb589311)

  • dgw: support for .cast files that have two slices with the same timestamp in recording player (#1054) (8ed5163f3a)

  • dgw: allow any header to be set in browser JavaScript HTTP requests (#1083) (0a7c80898a)

    We don’t expose any header particularly sensitive from the Devolutions
    Gateway, and the future HTTP bridge will always require a token which
    is only issued on a per-need basis. In fact, in such cases we actually
    want to allow virtually any header to be used for web-based integration
    of various web services (e.g.: VMware dashboard).
    The restriction imposed by the token requirement is strong enough.

  • dgw: better custom recording paths handling in heartbeat endpoint (#1097) (c1d047c190) (DGW-218)

    On Windows, the std::fs::canonicalize function returns
    Windows NT UNC paths, but our code detecting the mount point does not
    understand that.
    We use dunce to handle that for us instead.

Don't miss a new devolutions-gateway release

NewReleases is sending notifications on new releases.