Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Preview

CoreOne Authentication Services

  • The performance of the password policy check upon authentication has been improved.

CoreOne Self-Service Portal

  • Expired or deleted records like representations or delegations are hidden from the UI after 10 days. You can change this default value in the settings.

  • The current active menu has been highlighted more clearly

  • Various penetration tests have been conducted on the Self-Service portals and some minor issues have been found. They all have been fixed and it’s advised to update.

    • PKCE was added to the SwissId federation

    • Company activation was prone for XSS attacks

    • Breaking change: frame-ancestors 'none' has been added to the CSP header and X-Frame-Options: DENY to the headers. If you have embedded the portal into another page, this will no longer work.

    • Strict-Transport-Security: max-age has been increades from 2592000 to 31536000

CoreOne Workflow Engine

  • Multiline support for acknowledge interaction has been added.

  • No labels

© ITSENSE AG. Alle Rechte vorbehalten. ITSENSE und CoreOne sind eingetragene Marken der ITSENSE AG.