Skip to main content
Skip table of contents

File Sharing 9.10.10 Release Notes Jan 2025

Security Enhancements

1. Customizable User Session Timeout in File Sharing Web Portal

The Thru Web Portal now supports customizable session timeouts via a back-end setting.

Session Expiration Mechanism: Sliding expiration automatically resets the expiration time of a valid authentication cookie when a new request is made, provided that more than half of the timeout interval has elapsed since the last activity.

2. Enhanced Dropbox with Message Password Mode

The Dropbox file download page now supports Message Password Mode, in addition to the existing Request Login protection mode.

  • A back-end metadata setting controls the behavior of the Dropbox notification email link:

    • Regular mode: Redirects to the internal Thru site page, requires full user authentication for Thru web portal user.

    • Thru email-style mode : Redirects to a Thru email-style Dropbox download page, which can be protected by either Request Login or Message Password mode, allowing users with no accounts in Thru Web portal to register or enter a message password and download the files uploaded via Dropbox.

  • Enhancement Details:

    • Previously, the Thru email-style Dropbox download page only supported Request Login Mode, it now supports Message Password Mode as well.

    • A Message Password field has been added to the Dropbox page for to create a password in a Message Password Mode .

  • To use a message password on Dropbox page and on a Distribution page emailed on Dropbox action, 2 settings should be enabled:

  • To enable Message Password Mode on Dropbox page and Thru email-style Dropbox download page, the following settings are required:

    • Dropbox notification email link should be set to Thru email-style Dropbox download page via a back-end metadata setting.

    • Request Login should be set to Never in Thru Site Options, and Message Password is enabled (and optionally enforced), as shown:

image-20241216-234816.png

Once configured, Dropbox page will display the Password field.

image-20250311-050312.png

3. Allow/Block List Support for Protected Links Download Page

The Allow/Block List feature now extends to the Protected Links Download Page, aligning its behavior with the Thru Email Download Page.

Exiting administrative control in Administration → Site Options → Messaging Tab

Domain filter feature now controls user registration for Protected file link downloads, based on email domain of recipient, similar to Thru Emails download page.

image-20250311-031625.png

Behavior:

  • If a recipient’s email domain is on the Block List or not included in the Allow List, registration is denied.

image-20250311-031816.png

4. File Preview Requires User Acceptance of Download Statement

If the site configuration mandates user agreement to a statement before downloading files, the same requirement now applies to file previews. Users must accept the statement before accessing the preview.

image-20250311-070005.png

5. New REST API for Managing Folder Permissions

The File Sharing REST API has been enhanced with new endpoints to read and manage folder permissions within the Virtual File System.

New API Endpoints:

  • Get Folder Permission List

  • Add Folder Permission for a User

  • Add Folder Permission for a Group

  • Update Folder Permission List

  • Delete Folder Permission List

Refer to the File Sharing REST API documentation for full implementation details.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close