1.1.3 - 27 Mar 2021
[LC-917] - CLIENT may send an invalid Authorization header when a cached connection is reset by the web service provider
[LC-921] - --blob-files option is rejected if it contains more than 2 optional values
[LC-934] - CLIENT may abend when writing diagnostic log after request timeout
[LC-935] - CLIENT ignores socket connection reset while receiving response body on TLS connection
[LC-942] - API Editor allows download and DDL generation when API schema has changed but has not been saved
[LC-949] - DDL generator does not treat ENVIRONMENT as COBOL reserved word
[LC-965] - LWCCOM pagesize command may report valid input as invalid
[LC-969] - OpenAPI 3 import produces schema with invalid type references
[LC-974] - Setting isSet: true does not work for JSON object serialization when the object is empty
[LC-982] - OpenAPI 3 import incorrectly imports arrays of objects.
[LC-983] - Schema add by XML example does not work in IE11
[LC-985] - Update user profile sends credentials in the clear
1.1.2 - 28 AUG 2020
[LC-293] - API editor swagger import: vague mixed content error when Console is accessed via HTTPS and swagger is HTTP
[LC-570] - Schema editor XML add by example feature may report error "ReferenceError: soureAttribute is not defined"
[LC-844] - CLIENT may abend while parsing digest auth header with specific format
[LC-853] - HTTP log file name sequence does not roll over when date changes
[LC-854] - HTTP log version & date directives have incorrect values
[LC-855] - Console HTTP log time ranges should be in GMT to match the log timezone
[LC-874] - A structure element in an array of structures is not serialized if the element is hidden in a previous structure in the array
[LC-875] - Diagnostic log is corrupted if line break occurs at multi-byte character
[LC-881] - HSTS header may be sent intermittently
[LC-888] - --log startup option ignores "event" format specification
[LC-892] - Scaled integers with values exceeding 12 bytes are serialized as "************"
[LC-893] - unsigned long long values > 9223372036854775807 are not de/serialized correctly
[LC-900] - CONSOLE does not detect when filesystem is not TMF audited, resulting in unpredictable behavior
[LC-904] - Process logging configured at debug level may expose sensitive data in HTTP headers
[LC-880] - Implement XSRF protection in the Console
[LC-895] - Add option to allow binding to a specific IP address
1.1.1 - 04 MAR 2020
[LC-497] - At sign '@' not parsed correctly when used as option value.
[LC-654] - LWCCOM import cert does not replace existing cert with same common name.
[LC-718] - Certificate import with duplicate CN does not replace existing certificate.
[LC-763] - Sensitive data in XML payloads is not masked in diagnostic logs.
[LC-765] - JSON serializer abends if @XmlAttribute annotation is on the schema element
[LC-770] - CLIENT may abend when configured with invalid base-url
[LC-771] - Log configuration file documentation shows invalid level option "trace"
[LC-772] - INVALID-TYPE error is not documented
[LC-777] - Vague error "Deserialization error: Unexpected json type 0" is reported when the payload contains an object when a primitive is expected.
[LC-778] - Azure IoT Hub request signature algorithm leaks memory.
[LC-779] - String encoding validation leaks memory.
[LC-782] - Deserialization error occurs when the wildcard response is not the last response defined for the operation
[LC-783] - INVALID-HDR-VERSION error (103) is missing from documentation and generated DDL
[LC-784] - Credentials file error is logged with incorrect error code.
[LC-785] - API editor does not refresh when a new version of an API is uploaded
[LC-792] - Intermittent ICU load errors on TNS/E
[LC-801] - CLIENT process leaks memory on each request
[LC-802] - Organization field missing in generated CSR
[LC-808] - Client application receives connection reset or timeout error when HTTP 401 response is received and connection is closed
[LC-814] - Console uses mixed content links in page footer
[LC-815] - Upgrade AngularJS to version 1.7.9 to mitigate security vulnerabilities
[LC-837] - Response length is incorrect when response is not chunked encoded and no Content-Length header is returned
[LC-840] - HTTP authentication pre-auth does not work on non-secure (HTTP) connection
[LC-794] - Upgrade to OpenSSL 1.0.2.t
[LC-816] - Allow selection of diagnostic log content using diagnostic log configuration. See Diagnostic Log Configuration
[LC-824] - Add isSet schema property to indicate presence of optional elements. See Working with Optional Elements
[LC-833] - Add hideIfEmpty schema property to omit serialization of empty elements. See Working with Optional Elements
1.1.0 - 03 JUL 2019
Problems Corrected (since 1.0.4 release)
LC-667 - CONSOLE does not shut down when filesystem in use detected.
LC-673 - Certificate installation dialogs with textarea fields have no Cancel / Install buttons
LC-678 - Chunked encoded response is not processed correctly after HTTP 401 challenge
LC-711 - CLIENT may abend if response payload is larger than IPM blob size
LC-712 - API editor path field requires leading slash and disallows trailing slash
LC-714 - CLIENT may abend on startup if client certificate file cannot be opened
LC-719 - Integer with scale values less than 0.1 are serialized as scientific notation
LC-723 - Schema editor syntax check no longer works.
LC-726 - Schema editor error tooltip is not always visible
Support for XML payloads.
Performance and memory use improvements for file BLOBs.
Support for swagger import in YAML format.
Support for CyberSource HTTP signature authentication.