HTTP Commander v7.5 : What's new?
Watch short video about new features of the version 7.5 on YouTube.
Admin panel settings filter
HTTP Commander has a lot of settings. And sometimes it could be hard to find needed setting. Now this is much easier to do. Added left panel with settings group's names to the settings tab of the admin panel. It allows quickly switching between section instead of scrolling. Also search by settings name implemented.
Transparent authentication in MS Office .
For a long time MSOFBA has been used as main auth mode in the HTTP Commander, but starting from MS Office version 2021 this auth method cnsodered to be insecure.
And our customers asked us the logical question: "If the user is already authenticated in the HTTP Commander, why it is required to enter credentials again when the document is opened in desktop MS Office ?"
Starting from version 7.5 it is possible to open documents directly from the HTTP Commander in the desktop MS Office without entering user credentials. Technically, each time when document is opened in MS Office, temporary public link with limited lifetime is created. Lifetime will be automatically prolonged if document is kept opened for a while.
For the end user it works like it is expected to work: document opened, can be edited and saved back to the server.
Documents preview with LibreOffice
HTTP Commander has a lot of different integrations with third-party services to view/edit office documents, but sometimes it is not convinient.
Often it is enough to simply preview/read the document, rather then edit it.
Now it is possible to install on the web server LibreOffice app and generate PDF previews for office documents. Generated PDFs can be cached and reused, so documents preview will be generated only once. If document changes, new preview will be generated.
The main advantage of this feature is that documents are kept on your server and not transferred to a third party server.
Search results in a grid panel
Search results now can be viewed directly in the main file/folders view. Previously search results were displayed in a search window: it was a simple list of file/folder names without the ability to quickly preview them.
Now search results are displayed in the same panel as a regular file list. Moreover, the same view mode is applied: list, tiles or thumbnails and context menu can be used.
Notifications and alerts
We have renamed "Watch for modifications" (a bit weird naming) feature to "notifications". It sounds more appropriate in this context.
But name is not the one thing we have changed. Now it is possible to subscribe for notifications on any file/folder even if you have already configured notifications on a parent folder. In previous version all child notifications were removed when you configured notification on a parent folder.
Also now users can see badge on the "Alerts" tree item with the count of new events since the last view date for all subscribtions. It is a great way to quickly find out that something has been changed.
Added default template for all emails sent from the application. There are 3 email templates in the application:
- For notifications about changes in files/folders which user has configured to monitor . (alerts section)
- For public links invites. This email is sent when public links is created and user shares it via email.
- General template for all other emails (registration, password restore, and so on). It consists of header, content and footer.
Public links enchacements
- Added support of Bitly and Cuttly shortener services. On the client side a short url is requested automatically when user switches from the long to the short url in the window.
- Added option to send files as "web links" from the "Share"->"Send email" menu item. This is a quick and handy way to share file with external user. Option available only if public links to file / folder is allowed and if password is not required.
- Existing public link to file/folder remains active when file/folder is moved in the HTTP Commander.
- Automatic link creation at window open. Disabled browser password suggestions for password input fields. Hint for password complexity.
- Added option to set the maximum size of the single file allowed for upload. Applies also to public folder links and to uploads via WebDAV.
- Added new setting to configure common list of prohibited extensions for upload. Previously it could be configured only on a per-folder basis.
- Implemented check of file type by file contents. In most cases it can protect from uploading files with renamed extension.
- Added option to open file/folder location after upload. On hover the "ok" icon is replaced with the folder icon (with tooltip) and on clicking the uploaded file is selected in the containing folder.
File/folder history information now taken from the DB, previously it was stored in the NTFS alternate streams.
For compatibility reasons added new setting : FileHistorySource with default value set to "Database".
Added paging to the history tab on the details pane. With the new DB store there can be displayed a lot of records.
For forms(standard) version:
- Added password salt setting to secure saved passwords.
- Added a new setting HashUserPasswordsAlgorithm. It affects only passwords stored in the Accounts.xml file. By default HashUserPasswordsAlgorithm is set to SHA256, but during upgrade from a version < 7.5.0, its value is set to MDA5.
ADFS, Azure AD
- Azure AD : Implemented support of SAML auth. Improvements and optimizations.
- Simplified ADFS integration process. Now it is enough to use appropriate web.config file and specify the url to the adfs metadata as the value of the ADFSMetadataUrl setting.
- Forms auth mode only: AccountDeactivateAfter - The time interval in days after which the user will be automatically deactivated if he does not authorize in the application. EnableAccountActivation setting should be enabled for the correct work of this feature. User accounts are checked once in 12 hours. Added appropriate checkbox field to the user edit window in the admin panel, added column to the users grid.
- Admin panel: Implement display of User last access date and Last password change date. Last password change date implemented for AD, WinNT, AzureAD, Forms, Forms+Windows Users.