- Release Date: May 2024
- Build Number: 21.0.101
- Type: Service Pack Release
This release contains major security fixes, please upgrade your server as soon as possible.
Download Links
Upgrade Information
- Please read this complete Release Notes and instructions before upgrading.
- Please follow the regular upgrade documentation for Windows or Linux
- Upgrading any previous version higher or equal to version 16.0.100
- Cluster: Running different versions on the servers in the cluster is supported but limited to version >= 16.0.100
nginx configuration changes to pass Host information (mandatory)
Please update the nginx site configuration due to security fixes from server version 21 FINAL:
location /rpc {
.. (existing content) ...
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
...
location / {
.. (existing content) ...
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
Notes:
- The configuration is incorrect in case you see in logs or browser:
Host header invalid - should contain web base URL - For more infos please visit our guide: Reverse Proxy Setup Guide#PassHostnameoftheUpstreamwhenReverseproxying
- Apache2 configuration does not need to be changed
Downgrade Information (optional)
- In case a downgrade to a previous version is necessary:
- For a downgrade, you have to review our downgrade documentation.
- Simply replace the PowerFolder-Server.jar file with that from the previous version you would like to run.
- Log messages due to the higher schema version of database can be ignored:
[DatabaseMigrator]: Database layout version is newer than expected.
Mandatory change
s
SAML: Transfer of Security Information
Change SAML/Shibboleth attribute prefix to SAML (from HTTP_) in shibboleth2.xml and Apache config.
This change is not backward compatible due to security reasons! There changes have to be done to correctly support SAML logins
TODO: Adopt Apache config. use prefix “SAML”, instead of “HTTP_”: Apache configuration
HTTPS Server-Client-Tunnel using Web Sockets
The clients can also use the encrypted web sockets same as our iOS app, please use the following web proxy guide to enable the web sockets: WebSockets for iOS and Desktop Client#EnablingWebSocketsforClient
Add the following config. to the Default.config (server) or PowerFolder.config (client) when the clients should use the web sockets, precondition the web sockets should be enabled on your server:
connections.websocket=true
Document Editing using WebDAV
After MS security updates 2023 the editing of documents using WebDAV is not possible, please use the following file to update the settings:
More infos under: WebDAV known issues in Windows
API Call to restore folder from BACKUP_REMOVE
You can now use the API call to restore one or all folders from system recycle bin:
- Restore single folder: https://apidoc.powerfolder.com/#api-Folders-GetApiFoldersActionRestore
- Restore all folders: https://apidoc.powerfolder.com/#api-Accounts-GetApiAccountsActionRestoreallfolders
Changelog Extended
PFS-4349 - Fix editable document file links when uploads are deactivated
- Release Date: May 2024
- Build Number: 21.0.100
- Type: Service Pack Release
Changelog