Difference between revisions of "VALT 6.6.10"
IVSWikiBlue (talk | contribs) |
IVSWikiBlue (talk | contribs) |
||
| Line 8: | Line 8: | ||
'''Technical''' | '''Technical''' | ||
| − | * | + | * Various security improvements |
| − | ** Enabled HTTP2 | + | ** Enabled HTTP2 |
| − | ** Strengthened HTTP security response headers | + | ** Strengthened HTTP security response headers |
| − | ** Server version information no longer exposed in HTTP responses | + | ** Server version information no longer exposed in HTTP responses |
| − | ** Fixed issue where certain paths did not enforce HTTPS security policies | + | ** Fixed issue where certain paths did not enforce HTTPS security policies |
| − | ** Updated API endpoints to now return consistent JSON error responses | + | ** Updated API endpoints to now return consistent JSON error responses |
| − | ** Improved API redirect handling for more reliable client compatibility | + | ** Improved API redirect handling for more reliable client compatibility |
** Fixed duplicate header conflict on the phpMyAdmin path | ** Fixed duplicate header conflict on the phpMyAdmin path | ||
| − | ** | + | ** Added HSTS header to Wowza Streaming Engine paths |
| + | ** Added several other application security hardening regarding authentication, input validation, and reporting | ||
Revision as of 14:51, 26 May 2026
May 22nd, 2026
Application
- Fixed issue that caused recordings' video files to infinitely grow in size
- This specifically impacted recordings put in the Prepared State and then started with an I/O trigger
- Fixed issue in Admin > Templates that allowed unexpected input in the Value fields for Single-Select and Multi-Select fields for Evaluation templates
Technical
- Various security improvements
- Enabled HTTP2
- Strengthened HTTP security response headers
- Server version information no longer exposed in HTTP responses
- Fixed issue where certain paths did not enforce HTTPS security policies
- Updated API endpoints to now return consistent JSON error responses
- Improved API redirect handling for more reliable client compatibility
- Fixed duplicate header conflict on the phpMyAdmin path
- Added HSTS header to Wowza Streaming Engine paths
- Added several other application security hardening regarding authentication, input validation, and reporting
