This release fixes a number of bugs and addresses several potential security issues:
Please see the Notes below for some configuration information related to these changes.
A big Thank You to one of our clients for sponsoring the work for these enhancements.
The new form tokens used in all form requests by default will expire in 30 minutes. This means that if your session timeout is larger than 30 minutes and you attempt to e.g. run a job after your web page has been sitting open for longer than that, you will see an “Invalid token” error. If this becomes a problem for you you can either change the expiration time for these tokens, or switch to using non-expiring tokens. See Administration - Configuration File Reference - Security.
To add a Password field definition to your plugin, see Plugin Development - Description Properties. (Note that currently using property annotations is not supported for the three plugin types that can use Password properties.)
See the Upgrading Guide.