🖥️ PowerFolder Server 26 FINAL
Release Date: January 2026
Build Number: 26.0.102
Type: Hot Fix Release
📦 Download Links
JAR File (Wiki Password required)
Outlook Add-In (No changes)
⬆️ Upgrade Information
Please read this complete Release Notes and instructions before upgrading.
Please follow the regular upgrade documentation for Windows or Linux
Upgrading any previous version higher or equal to version 16.0.100
Cluster: Running different versions on the servers in the cluster is supported but limited to version >= 22.0.100
🗑️Restoring top folder from system archive ("BACKUP_REMOVE")
Admins and users are now able to restore top-level folders direct from recycle bin.
web.restore_folder.users.enabled=true
To hide the options from end users set in server config:
web.restore_folder.users.enabled=false
Note: The new functionality is always visible to server admins
📝Support for ONLYOFFICE v9.1.x & 9.2.x
PowerFolder Server, Client, and Mobile Apps now fully support the latest ONLYOFFICE Document Server versions, whether deployed via Docker or as a standalone installation.
🆕 Organization Expiration Management
Two new administrative API endpoints have been added to manage expired organizations more efficiently:
Report expired organizations — Generate a detailed report of organizations that expired before a specified number of days.
https://apidoc.powerfolder.com/#api-Organizations-reportExpiredBeforeDelete expired organizations — Permanently remove organizations that expired before a specified number of days.
https://apidoc.powerfolder.com/#api-Organizations-deleteExpiredBefore
These endpoints simplify maintenance and cleanup of outdated organizational records in larger deployments.
🛡️Content Security Policy (CSP) Protection
To enhance security against Cross-Site Scripting (XSS) and other injection attacks, the application supports enabling Content Security Policy (CSP) headers. CSP allows the browser to restrict which content sources (scripts, styles, images, etc.) are allowed to load, preventing malicious scripts from executing.
Configuration
The CSP mechanism can be controlled via configuration flags in your server configuration file:
# Enable or disable Content Security Policy
web.csp.enable=true
# Run in report-only mode or enforce policy
web.csp.report_only=false
Options
web.csp.enableDefault:
trueEnables CSP headers in responses.
Set to
falseto completely disable CSP protection (not recommended).
web.csp.report_onlyDefault:
falseWhen
false, CSP violations will block content that does not comply with the policy.When
true, CSP runs in Report-Only mode: violations are logged/reported, but the browser does not block the content.
This is useful for debugging potential CSP false positives without breaking user functionality.
✨ New: Default user folders on first login
To simplify onboarding for new users, the system can now automatically create default folders at their first login.
Add the following to your Default.config (server maintenance):
# Default folders
f.my_files.name=Meine Dateien
f.my_files.dir=Meine Dateien
f.shared.name=Geteilt
f.shared.dir=Geteilt🔄 Javascript in Email Templates
The email templates are also improved, please update the email templates or delete the old templates.
📂 Enhancements in Database for Sub-Folder Sharing
In this version, major changes have been made to the database tables. New columns and entries have been added to support versioning and preparations for sub-folder sharing in upcoming releases. These changes are backward-compatible, even if the admin decides to downgrade the server.
⬇️ Downgrade Information (optional)
In case a downgrade to a previous version is necessary:
For a downgrade, you have to review our downgrade documentation.
Simply replace the PowerFolder-Server.jar file with that from the previous version you would like to run.
Log messages due to the higher schema version of database can be ignored:
[DatabaseMigrator]: Database layout version is newer than expected.
📜 Changelog
PFS-4711: Fixed edit txt files after creating it
PFS-4786: Prevent high load on federated systems when a service is offline
Release Date: December 2025
Build Number: 26.0.100
Type: Major Software Release
📜 Full Changelog
PFS-3537: Restoring top folder from system archive ("BACKUP_REMOVE") by admin and end user
PFS-4694: Navigate into folder after creating it
PFS-4702: Add share icon within folder ontop of table
PFS-4621: Show lock/editing status in web
PFS-4704: Show create folder prominent on empty TOP level
PFS-4662: Show upload or create prominent on empty folder
PFS-4703: Show upload or create prominent on empty subdirectory
PFS-4709: Move notifications from bottom left to bottom right
PFS-4644: Skip frontend search - always perform search through backend
PFS-4707: Accounts->Add Organiztation: Set default permission of user to "member" after adding
PFS-4320: Groups->Add account: Fix initial display of role and change role
PFS-4550: Browser "Back" → Search field should retain previous input
PFS-4636: Mount folders in under 5 seconds
PFS-4251: Prevent deletion of later / new file versions after restoring a selected one in web
PFS-4591: Dialog support for very long filenames with spaces in name
PFS-4648: Fix unsupported Browser Language(s) – Default to English
PFS-4693: Accounts: Add filter right next to search to modify search query
PFS-4698: Fix account activation link per mail for new users
PFS-4657: MFA reset as organization admin
PFS-4637: Fix reset MFA as server admin
PFS-4658: Correct notification after turing MFA off
PFS-4711: Fixed edit txt files after creating it
PFS-4096: Fix OO download when the file link configs. are set
PFS-4614: Load configuration for file link editing from server config.
PFS-4655: Fix display error while creating documents with large names
PFS-3580: Unable to access files containing umlauts and special characters in name
PFS-4631: Time change caused Upload Form failure (DateTimeParseException due to UTC ↔ DST conversion)
PFS-4647: PDF/JPEG file links in sub-directoreis open inline instead of downloading
PFS-4678: Improve handling of expired accounts
PFS-4643: Ensure account valid till date is same as organization
PFS-4635: Improve database performance on Account, FolderInfo and FolderSettings table
PFS-4653: Handle change of login method LDAP to SAML (and back)
PFS-4639: Register date and last login date should respect local time format
Security improvement: INT-1152
PFS-4642: Download and copy of file links in subdirectories leads to “not synced yet"
PFS-4641: Fix issue causing occasional sync failures for password-protected links
PFS-4719: File link: Deleting file with similar name removes link to a different file
PFS-4649: Upload form: “Description” field duplicates after repeated open/close (click-out or Esc)
PFS-4679: Fix reverse proxy of servers in LAN when data port is publicly available
PFS-4650: Ignore CSP warnings caused by browser extensions
PFS-4640: Do not empty (custom) fields, telephone and title when not mapped via LDAP
PFS-4699: Registration / Welcome email should send user to login page if activation is already done
PFS-4695: Prevent self activation by user filtered by email domain
PFS-4690: Show error / notification when required field is not filled
PFS-4683: Add frontend additional fields for registration: Address
PFS-4685: Account Editor address tab
PFS-4682: Add additional field for registration: phone. Validate input
PFS-4684: Add additional field for registration: Note
PFS-4691: Non activated accounts should have different avatar placeholder icon
PFS-4686: Show TOS link on register page footer
PFS-4736: Set new org to unlimited storage and user via account editor
PFS-4729: Updated favicon