- [Security] TSplus Web Portal now uses the POST action to send parameters to the server, thus encrypting everything when using HTTPS.
All connection clients have been updated to use this new action by default.
- [Security] TSplus Web Portal now limits the number of failed logon attemps.
After 3 logon attemps with a bad password in less than 15 minutes, the user is locked and cannot connect for the next 30 minutes.
These number are configurable in TSplus\Clients\www\cgi-bin\hb.exe.config
- [Security] OpenSSL and related dlls have been updated to their latest version
- [Security] Existing sessions web listing can now be disabled in AppControl.ini
To do so, add the following line in the [Security] section of AppControl.ini:
disable-existing-sessions-web-listing=yesPlease note that this will prevent the Load-Balancing "Sticky Sessions" feature to work.
- HTML5: fix for Chrome with cursor.
When user was leaving browser with cursor, then moved cursor back to browser, and has catched the browsers edges/borders then browser began to display that cursor even when continuing to move over canvas-rdp area, which looked ugly.
- HTML5: fix for latest Windows 10 update which could cause web server to hang.
- Web Server: added support for upcoming Java11