On 30th of June the following was released:
- ISL Conference Proxy 5.0.2617.45 for for Windows 64bit (Platform=win64, Revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24, req_os_version=0x0a000000-0x7fffffff)
- ISL Conference Proxy 5.0.2617.45 for for Linux 64bit (Platform=linux64, Revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24, req_os_version=0x030a000000-0xffffffffff)
Modules
- Administration 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- Audit 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- Authentication 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- Backup 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- Core Login 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- DNS 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- GeoIP 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- Integrator 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- ISL AlwaysOn 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- ISL Groop 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- ISL Light 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- ISL Meeting 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- ISL Pronto 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- Locale 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- NTP 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- PostgreSQL 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- Reports 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- SSL 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- Storage 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
- System Monitor 5.0.2617.45 (revision=f66cd813003cc762337365e17ecc088b64123312, release_date=2026-06-24)
Translations
- administration_20260624_20260624_135956.translation
- backup_20260624_20260624_135956.translation
- core_login_20260624_20260624_135956.translation
- integrator_20260624_20260624_135956.translation
- isl_alwayson_20260624_20260624_135956.translation
- isl_conference_proxy_20260624_20260624_135956.translation
- isl_groop_20260624_20260624_135956.translation
- isl_light_20260624_20260624_135956.translation
- isl_meeting_20260624_20260624_135956.translation
- isl_pronto_20260624_20260624_135956.translation
- reports_20260624_20260624_135956.translation
- ssl_20260624_20260624_135956.translation
Update availability
All updates have release date set to 2026-06-24. Your ESS will need to be same or higher to be able to update your server. This release is available to all countries except Japan.
Upgrading to new version
This are server side updates so hosted service users do not need to do anything.
Server license users please check Upgrading Server License
Improvements
ISL Conference Proxy - Core - Set valid domains for web server (FEATURE) [ISLCONFPROXY-2115] More
DescriptionThe "Web server > Redirect domains" setting now accepts three additional actions in place of the redirect target: "$accept" (accept the domain as-is and stop processing further rules), "$403" (return access denied), and "$404" (return not found). This lets you restrict which domains are allowed to reach the web server, for example by accepting a specific domain and its subdomains and returning 404 for everything else.
Requests coming from localhost are no longer processed by these rules.
ISL Conference Proxy - Core - Remove deprecated_sagrid (FEATURE) [ISLCONFPROXY-2377] More
DescriptionDeprecated_sagrid was removed.
ISL Conference Proxy - Core, ISL Light - Add integrator key to domains and users and tag sessions with integrator key (FEATURE) [ISLCONFPROXY-2678] More
DescriptionDomains and users now have an "integrator key" field that can be set to identify which integrator they belong to. If a user has no integrator key set, the value is inherited from their domain.
ISL Light sessions are tagged with the integrator key of the user who started the session, which allows sessions to be grouped and queried by integrator.
ISL Conference Proxy - Integrator - Add integrator call integrator/domain/create/integrator/key/1 (FEATURE) [ISLCONFPROXY-2679] More
DescriptionA new integrator call "integrator/domain/create/integrator/key/1" is available. It creates a new integrator with a generated GUID key and a supplied public key, then assigns this integrator to a domain. The call accepts the domain name, public key, and a list of rights, and returns the GUID of the created integrator.
To use this call, the calling integrator must have the new "set_domain_integrator" right.
ISL Conference Proxy - Integrator - Add integrator call integrator/isllight/session/history/1 (FEATURE) [ISLCONFPROXY-2692] More
DescriptionIntegrators can now call the "integrator/isllight/session/history/1" web API to retrieve a list of ISL Light sessions that were tagged with their integrator key. Results can be filtered by session creation time and paginated.
To use this call, the integrator must be granted the "isllight_session_history_1" right, and the request must be authenticated with JWT.
ISL Conference Proxy - ISL AlwaysOn - Implement webapi internal/islalwayson/integrator/computers/query/1 to query multiple computer based on computer uids (FEATURE) [ISLCONFPROXY-2707] More
DescriptionIntegrators can now query information for multiple ISL AlwaysOn computers in a single request by providing a list of computer UIDs and a domain. The response includes details for each found computer, lists any UIDs that were not found, and reports the counts.
ISL Conference Proxy - Integrator - Expose internal/islalwayson/integrator/computers/query/1 to integrators (FEATURE) [ISLCONFPROXY-2715] More
DescriptionIntegrators can now use the new web API "integrator/islalwayson/computers/query/1" to fetch information about ISL AlwaysOn computers for a given list of computer IDs. A domain must be specified in the request, and if a user is also specified, only computers that user has access to will be returned.
Access to this web API requires the new "islalwayson_computers_query_1" permission.
ISL Conference Proxy - Integrator - Fail JWT request with empty key ID (FEATURE) [ISLCONFPROXY-2744] More
DescriptionIn previous versions, JWT API calls made with an empty key ID value were accepted and processed instead of being rejected outright. This was redesigned, so requests with an empty key ID are now rejected immediately without any database lookup. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - ISL AlwaysOn - Add computer tag managment page and show shared tags (FEATURE) [ISLCONFPROXY-3118] More
DescriptionA new "Manage tags" option is available in the Tags dropdown on the computers page. It opens a page listing all tags you created along with the number of your computers using each tag, where you can search, sort, and delete tags individually or in bulk. When deleting tags that are still in use, a warning is shown, and confirmed tags are removed from your computer list and from any of your connections.
The Tags dropdown in the computers filter now also lists tags from computers shared with you. Shared tags are marked as such and cannot be managed or deleted.
ISL Conference Proxy - Core - Add license usage history tracking (FEATURE) [ISLCONFPROXY-3358] More
DescriptionLicense usage history is now tracked and available as a report. A new "License Usage" option has been added to the Reports page, showing maximum license usage, connection counts, new session counts, and license limit hits over time. You can view the report for the whole server or for a specific domain, switch between daily and hourly views, and export the data.
Access depends on permissions: "View/control server sessions" is required to see server-wide usage or any domain's usage, while "View/control domain sessions" allows viewing only the user's own domain. Usage data can also be queried programmatically via the new "utils/usage/history/get/1" web API.
ISL Conference Proxy - Core - HTTP header Content-Security-Policy (FEATURE) [ISLCONFPROXY-3397] More
DescriptionSetting "HTTP header Content-Security-Policy mode" was added with 3 options:
- None - do not send Content-Security-Policy
- Report - send Content-Security-Policy-Report-Only
- Enforce (default) - send Content-Security-Policy
Setting "HTTP header Content-Security-Policy" with default value:
default-src *;script-src * 'unsafe-inline' 'unsafe-eval' blob:;img-src * data:;style-src * 'unsafe-inline';{{frame-ancestors}}{{report}}Policy violations will be reported to "/users/main/reporting-api" with a log line.
ISL Conference Proxy - Core - HTTP header Permissions-Policy (FEATURE) [ISLCONFPROXY-3398] More
DescriptionSetting "HTTP header Permissions-Policy mode" was added with 3 options:
- None - do not send Permissions-Policy
- Report - send Permissions-Policy-Report-Only
- Enforce (default) - send Permissions-Policy
Setting "HTTP header Permissions-Policy" with default value:
payment=(){{report}}Policy violations will be reported to "/users/main/reporting-api" with a log line.
ISL Conference Proxy - Core - Report mode for X-Frame-Options (FEATURE) [ISLCONFPROXY-3400] More
DescriptionBoolean setting "Disable framing of web pages" was renamed to "HTTP header X-Frame-Options mode" with 3 options (the default behavior does not change):
- None - do not send X-Frame-Options
- Enforce with SAMEORIGIN (default) - send X-Frame-Options: SAMEORIGIN
- Report use of frames - do not send X-Frame-Options and report every framed access to "/users/main/reporting-api" with a log line.
ISL Conference Proxy - Core - Deleted ICP files can reappear on reconnect of servers with outdated state (FEATURE) [ISLCONFPROXY-3551] More
DescriptionIn previous versions, files that had been deleted from the file storage could reappear after a server that was offline or out of sync reconnected to the GRID. This was redesigned, so deletions are now tracked and confirmed across all servers before the file information is finally removed, preventing outdated servers from restoring already deleted files. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Integrator - Additional system_integrator permission which is required for integrator/system calls (FEATURE) [ISLCONFPROXY-3573] More
DescriptionIntegrator methods are now available under a new integrator/system scope, which is protected by a new "system_integrator" permission. To call any integrator/system method, the integrator user must have this permission granted. The original integrator methods remain unchanged and continue to work as before.
Two new settings have been added to the Security tab in /conf. "Allowed IP addresses for WebAPI2 integrator methods" defines which IP addresses are allowed to access integrator/system methods; addresses can be separated by commas, and subnets can be specified (for example, 192.168.0.1/255.255.255.0). "Exceptions for allowed IP for WebAPI2 integrator methods" lists individual integrator/system methods that are excluded from the IP address check.
ISL Conference Proxy - Core Login, Integrator - Add audit logs for 2fa internal/security/login/tfa/email lockout events (FEATURE) [ISLCONFPROXY-3574] More
DescriptionAudit logs were added to "internal/security/login/tfa/email/<add|confirm|send>/2" methods, which are used internally by system/integrator 2fa lockout methods. v2500 page will show new column "Integrator" by default, where Data.integrator_key is shown.
ISL Conference Proxy - ISL Pronto - Support HTTP POST requests in chat start handler (FEATURE) [ISLCONFPROXY-3595] More
DescriptionISL Pronto chat sessions now use a new URL format. When a visitor starts a chat from your website, the chat window opens at a unique address (under /live/islpronto/chat/) instead of carrying chat parameters in the URL. This means visitors can refresh the chat window without resubmitting any form, and the chat URL no longer exposes parameters.
ISL Conference Proxy - ISL Pronto - Protect email send WebAPIs with reCaptcha (FEATURE) [ISLCONFPROXY-3596] More
DescriptionThe "Send chat transcript" function in ISL Pronto chat is now protected by reCAPTCHA when reCAPTCHA is configured on the server. When enabled, the chat login page shows a reCAPTCHA disclaimer, and email send requests include reCAPTCHA verification before being processed.
ISL Conference Proxy - Core - Mail send throttle (FEATURE) [ISLCONFPROXY-3598] More
DescriptionEmail sending is now rate-limited. When a limit is reached, the affected request is rejected with a "too many emails sent" error and the event is logged. By default, this applies to user-facing email APIs as well as system-initiated emails.
You can configure the limits under /conf > Security: "Max emails sent from IP address per period" (default 10), "Max emails sent to email per period" (default 10), Max emails sent to application integrator's email per period (default 120), and "Max emails sent period in seconds" (default 60). You can also choose whether these counters are shared across the grid or tracked per server ("GRID-wide max emails sent").
ISL Conference Proxy - ISL Pronto - Move session_id to body when calling call.js and events.js (FEATURE) [ISLCONFPROXY-3602] More
DescriptionISL Pronto chat sessions no longer expose the session_id as a URL parameter, which is now transmitted as a cookie when the client communicates with the server during a chat.
ISL Conference Proxy - Core - Use system uname call instead of starting new process (FEATURE) [ISLCONFPROXY-3619] More
DescriptionOn Linux systems, retrieving system information for the System statistics page in /conf should now be faster, using system calls. There is no change in behavior on Windows systems.
ISL Conference Proxy - Administration - Unify StartAuditLog error handling (FEATURE) [ISLCONFPROXY-3635] More
DescriptionIn previous versions, several administration API calls for managing users, computers, computer groups, groups, and domain settings could return inconsistent or misleading error messages when the audit log could not be started. This was redesigned, so these calls now return the same clear error indicating that audit logging could not be initialized. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - ISL Pronto - Do not re-use user_id or session_id during client initialization (FEATURE) [ISLCONFPROXY-3640] More
DescriptionIn previous versions, ISL Pronto clients could get stuck on a blank screen after being transferred between servers or after pressing F5 during an active chat session. This was redesigned, so that reconnecting clients are now properly recognized and replace the previous client session cleanly, without routing conflicts or duplicate sessions lingering. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Pronto - Create client chat member from master chat object (FEATURE) [ISLCONFPROXY-3644] More
DescriptionIn previous versions, when a client in an ISL Pronto chat session was connected to a different server than the one hosting the chat session and refreshed the browser page, the client would have to be re-allowed into the chat by the supporter, the "client has left chat" message would be missing from the chat transcript, and the client could end up appearing multiple times in the chat participants list. This was redesigned, so that on page refresh the client's chat membership is now registered in a single coordinated step with the server hosting the chat, preventing duplicate membership entries and out-of-order join handling. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core, SSL - Add support for calling webapi2 from /conf (FEATURE) [ISLCONFPROXY-3663] More
DescriptionSSL certificate management has moved into the Server Administration (/conf). A new SSL Certificate button is now available under /conf -> Configuration, which opens the certificate management page directly within the /conf interface. The previous page at /users/ssl/ssl.html has been removed.
The "User can create SSL certificate" security setting has been removed, since SSL certificate management is now always available to Server Administrators. Access to the new page continues to respect the "Allowed IP addresses for server administration" and "Must use SSL for server administration settings".
ISL Conference Proxy - ISL AlwaysOn - Computer actions status check is not updating "events" field after query (FEATURE) [ISLCONFPROXY-3688] More
DescriptionIn previous versions, when checking the status of computer actions in ISL AlwaysOn, the events list was not refreshed between status queries, which caused old events to be returned repeatedly and could lead to actions failing or requiring extra authentication attempts. This was redesigned, so that each status query now returns only new events since the previous check. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - ISL Meeting - Add host controls for customizing user feature access (FEATURE) [ISLCONFPROXY-3700] More
DescriptionMeeting hosts can now control which features attendees are allowed to use. When creating a meeting, the new "Host Controls" sidebar lets the host set the initial permissions, and the same sidebar can be opened during a meeting (from the Invite modal or the dropdown menu) to change them at any time. Changes take effect immediately for all connected attendees, and a notification is shown when a permission is granted or revoked.
The available options are "Allow mic for attendees" (attendees can turn on their microphone), "Allow camera for attendees" (attendees can turn on their camera), "Allow screen sharing" (attendees can share their screen), and "Allow meeting chat" (attendees can send chat messages). When a feature is disabled, any attendee currently using it is stopped (microphone muted, camera turned off, screen share ended), and the corresponding controls become unavailable. These restrictions apply to attendees only - the host always retains full access. Existing meetings created before this change behave as if all features are allowed.
ISL Conference Proxy - Backup - Move pages to /conf scope (FEATURE) [ISLCONFPROXY-3703] More
DescriptionBackup management has moved from the user pages to the Server Administration (/conf). You can now access backups from /conf under Configuration, where a new "Backup(s)" button is available. The separate /users/backup page is no longer available.
As part of this change, the "User can create backups" permission has been removed from Security settings, since backup operations are now handled entirely through the administration interface and require administrator access.
ISL Conference Proxy - Core - Fix ICP core plaintext output in emails (FEATURE) [ISLCONFPROXY-3704] More
DescriptionIn previous versions, the plain text version of emails sent by ISL Conference Proxy was difficult to read due to poor formatting. This was redesigned, with the plain text output reformatted so that its contents are properly laid out and readable. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core - Fix for list elements in email validation template (FEATURE) [ISLCONFPROXY-3705] More
DescriptionIn previous versions, bulleted and numbered lists included in the body of validation emails were not rendered correctly when the message was received. This was redesigned, and list formatting in email content is now displayed as intended. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core - Add code length to checksum offset computation (FEATURE) [ISLCONFPROXY-3707] More
DescriptionIn previous versions, some meetings with short codes could not be joined from the Join page, as the code was incorrectly matched to a different product instead of the intended meeting. This was redesigned, so that code length is now also taken into account when matching a session code to the correct product. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Meeting - Update notifications design (FEATURE) [ISLCONFPROXY-3712] More
DescriptionMeeting notifications have a new look. Informational messages appear in the bottom right corner in white, warnings appear in the bottom right in yellow, and errors appear at the top center in red. Each notification has a close button, and on mobile devices notifications span the full width of the screen and can be dismissed by tapping anywhere on them.
The wording of many notification messages has been revised for clarity and consistency, and the notification shown when a host mutes another participant now correctly displays the participant's name instead of raw markup.
ISL Conference Proxy - Reports - Domain and user filters in Reports are misleading when selecting all domains or all users in domain (FEATURE) [ISLCONFPROXY-3713] More
DescriptionIn previous versions, the domain and user filters on the Reports pages were unclear when viewing data for all domains or all users in a domain, making it hard to tell which sessions were actually included in the results. This was redesigned, with clearer filter labels and behaviour so that only relevant filters are shown based on what the user is allowed to see, and user selection is disabled until a domain is picked. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core - Add and use session elevation system for accessing to 2FA pages (FEATURE) [ISLCONFPROXY-3714] More
DescriptionAccess to security-sensitive pages now requires a recent password re-entry. When you open the "Security integrations" or "2-Step Verification" pages (or perform actions like adding, removing, or modifying 2FA methods and revoking OAuth2 authorized applications), you may be prompted to enter your password again before the page loads.
How long a session stays "elevated" before another password prompt is required is controlled by the new "Session elevation timeout (in seconds)" setting under Configuration → Security. The default is 300 seconds; setting it to 0 disables the re-authentication requirement entirely. Session elevation applies to internal users on web versions v2400 and v2500; external (SSO) users and older web versions are not affected.
ISL Conference Proxy - Core - Split TLS 1.2 counters and add logs for insecure ciphers (FEATURE) [ISLCONFPROXY-3717] More
DescriptionTLS 1.2 connection counters are now split into two groups. Connections using ciphers considered safer are counted separately as "TLS 1.2 v2", while the remaining TLS 1.2 connections continue to be counted under "TLS 1.2". This makes it easier to see how many clients still connect with weaker ciphers.
Connection log entries for "computer is online", "supporter logged in" and "session started" now include the TLS version and cipher used by the connecting client. For sessions, both the desk and client side are reported.
ISL Conference Proxy - Integrator, Core - Add integrator api to upload files into ICP file storage (FEATURE) [ISLCONFPROXY-3718] More
DescriptionA new integrator API call "system/integrator/sso/saml/sp/certificate/set/1" is now available for updating the SAML SP certificate on a domain. It accepts the domain name, certificate, private key, and an optional passphrase (required if the private key is encrypted), uploads the files to ICP private storage, and applies them to the domain's SSO security settings. Calling this API requires the "sso_saml_sp_certificate_set" right.
ISL Conference Proxy - ISL Meeting - Reduce webcam stream bitrate and limit number of received streams (FEATURE) [ISLCONFPROXY-3721] More
DescriptionThe side streams area in ISL Meeting now uses pagination instead of a scrollable list. Previous and next page buttons let you move between pages, and the number of streams shown per page is calculated automatically based on the size of the meeting window. The buttons are hidden when there are no side streams and disabled when you are at the first or last page.
Webcam bandwidth usage has been reduced. The participant shown in the spotlight is received in full camera quality, participants visible in the side streams are received in lower quality, and participants on side stream pages that are not currently visible only send their audio. Switching between pages requests the appropriate video quality as stream elements become visible or hidden.
ISL Conference Proxy - ISL Meeting - Raise galene version to 1.0 (FEATURE) [ISLCONFPROXY-3722] More
DescriptionGalene version was updated from galene-0.9.1 to galene-1.0.
ISL Conference Proxy - Core - Query extra parameters are not read when downloading networkstart program (FEATURE) [ISLCONFPROXY-3725] More
DescriptionIn previous versions, when downloading the ISL Light Client through the network start program, extra query parameters defined in the customization were ignored, so the selected client version did not match what the customization specified. This was redesigned, and the download now honors the extra query parameters, allowing administrators to control which client version is offered based on the customization in use.
Added setting for extra query parameters for ISL Light Client version selector within ICP customizations. The possible values are:
- Latest (default): select "ISL Light Client" based on regular algorithm
- v3: select "ISL Light Client" that is tagged with "isl_light_v3=1" header value
The defect was fixed.
ISL Conference Proxy - ISL Meeting - Add support to clients to use CF Realtime SFU (FEATURE) [ISLCONFPROXY-3729] More
DescriptionThe ISL Meeting client has been rewritten and now supports Cloudflare Realtime SFU as an alternative streaming backend alongside the existing Galene backend. The backend used for a meeting is selected per group; from a participant's point of view, audio, video, and screen sharing behave the same regardless of which backend is in use.
A new "Connecting" screen with a spinner is shown after you click Join while the connection to the meeting is being established, replacing the previous behavior where the join step appeared to hang briefly before the meeting view loaded.
ISL Conference Proxy - Core - Limit managed SSL certificate expiry warnings to just a couple of days before expiry (FEATURE) [ISLCONFPROXY-3730] More
DescriptionExpiry warning emails for HTTPS certificates managed by the SSL module are now sent only during the last 14 days before expiry. Previously these warnings started 30 days before expiry, which overlapped with the automatic renewal window and produced notifications about certificates that were about to be renewed anyway.
ISL Conference Proxy - Core - Upgrade password block list (FEATURE) [ISLCONFPROXY-3732] More
DescriptionThe password block list used to reject weak or compromised passwords has been expanded from around 40,000 entries to roughly 10 million, drawn from widely known leaked password databases. Users attempting to set a common or previously leaked password will now have it rejected, while passwords not on the list are still accepted.
Administrators can continue to override the shipped list by placing a custom "password_blocklist.txt" file in private storage.
ISL Conference Proxy - Core - Use user agent client hints when detecting platform version (FEATURE) [ISLCONFPROXY-3733] More
DescriptionISL Conference Proxy now uses client hints from supported browsers to determine the client's operating system version. On recent versions of Chrome and other Chromium-based browsers, the platform version reported through these hints is more accurate than the value extracted from the user agent string, which improves the detection of which client program version to offer for download.
If the browser does not provide platform version hints, ISL Conference Proxy falls back to the previous behavior of reading the version from the user agent string.
ISL Conference Proxy - Core - Internal error is reported in case of missing program during remote codesign (FEATURE) [ISLCONFPROXY-3739] More
DescriptionIn previous versions, when a remote signing server was asked to sign a program that it did not have available locally, the server reported an internal error instead of a meaningful response. This was redesigned, so that a missing program during remote code signing is now treated as a regular request failure and logged accordingly. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core Login - Add related origins support to ICP's webauthn implementation (FEATURE) [ISLCONFPROXY-3740] More
DescriptionPasskeys (WebAuthn) can now be used across multiple related domains pointing to the same ICP server. A new server setting, "Passkey (WebAuthn) related origins", accepts a semicolon-separated list of hostnames (for example, example.com;login.example.com) that are treated as related origins, allowing users to register a passkey on the main domain and then sign in with it from any of the listed domains.
The setting is available under Configuration → Security. When left empty, behavior is unchanged and only the primary domain can be used for passkey login.
ISL Conference Proxy - ISL Meeting - Fix Show buttons without text is not consistent on mobile devices (FEATURE) [ISLCONFPROXY-3742] More
DescriptionIn previous versions, when the "Show buttons without text" option was enabled in ISL Meeting on mobile devices, the More button dropdown displayed inconsistently, with some items showing text and others not. This was redesigned, so the More button dropdown now shows all entries in a consistent way, and the order of "Scan QR Code" and "Meeting Settings" has been switched for a more logical layout. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core - Add option to block requests based on recaptcha score or reason code (FEATURE) [ISLCONFPROXY-3744] More
DescriptionWeb API requests protected by reCAPTCHA can now be rejected automatically based on the reCAPTCHA score or reason code. Two new settings have been added under the reCAPTCHA configuration category: "Reject requests with score" rejects requests whose reCAPTCHA score falls below the specified threshold, and "Reject requests with reason codes" rejects requests that match any of the listed reCAPTCHA reason codes (for example, automation or excessive traffic).
When a request is blocked, the user is shown a message indicating that the request was blocked due to suspicious activity and advising them to try again or contact an administrator.
ISL Conference Proxy - ISL Meeting - Match Typography to Design System (FEATURE) [ISLCONFPROXY-3745] More
DescriptionISL Meeting now uses the same font throughout the interface, with updated font sizes, weights, and line heights to match the current design. This applies to the Join and Create meeting pages as well as in-meeting elements such as Chat, People, Audio/Video settings, the toolbar, invite and settings dialogs, and toast messages.
ISL Conference Proxy - Core - Associated data delete action required checks fail for domain in case there are no users in domain (FEATURE) [ISLCONFPROXY-3746] More
DescriptionIn previous versions, attempting to delete a domain that contained no users would fail during the required actions check, preventing the domain from being removed. This was redesigned, and empty domains can now be checked and deleted as expected. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - ISL Meeting - Update the chat design (FEATURE) [ISLCONFPROXY-3748] More
DescriptionThe chat in ISL Meeting has an updated look. Messages now appear in colored bubbles, with your own messages shown in blue and messages from other participants shown in gray, making it easier to follow the conversation at a glance.
Links in chat messages remain clickable, and your message color stays consistent if you disconnect and reconnect during a meeting.
ISL Conference Proxy - Meeting - Replace guest internal id in control request modal (FEATURE) [ISLCONFPROXY-3749] More
DescriptionIn previous versions, when a participant requested remote control during a meeting, the confirmation dialog shown to the sharing user displayed an internal identifier for guests or a plain username for logged-in users instead of a recognizable name. This was redesigned, so the dialog now shows the same name that appears in the People sidebar, which is the full name, nickname or username for logged-in users and the chosen name for guests. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - ISL AlwaysOn - Delay check for missing computer in DB during register (FEATURE) [ISLCONFPROXY-3750] More
DescriptionOn grid setups with ISL AlwaysOn, the check for a missing computer record during registration is now delayed to allow database synchronization between grid servers to complete. If the computer is still missing after 10 seconds, a warning is logged, and a second check is scheduled 20 seconds later. Only if that second check also fails is a critical log entry created.
This reduces false alarms in the logs when an AlwaysOn client registers on one grid server while its database record is still propagating from another.
ISL Conference Proxy - Core - Return program not found in case of missing translation during remote code sign (FEATURE) [ISLCONFPROXY-3751] More
DescriptionIn previous versions, when a server performing remote code signing was missing the translation files required for the requested program, it would still generate and deliver a program without those translations. This was redesigned, so that in such cases the server now returns a "program not found" error instead of producing a program with incomplete translations. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core - Remove "blob:" from default CSP setting (FEATURE) [ISLCONFPROXY-3752] More
DescriptionDefault value for setting "HTTP header Content-Security-Policy" was changed from:
default-src *;script-src * 'unsafe-inline' 'unsafe-eval' blob:;img-src * data:;style-src * 'unsafe-inline';{{frame-ancestors}}{{report}}to
default-src *;script-src * 'unsafe-inline' 'unsafe-eval';img-src * data:;style-src * 'unsafe-inline';{{frame-ancestors}}{{report}}source "blob:" is no longer allowed for "script-src".
ISL Conference Proxy - ISL Meeting - Consume license in meetings (FEATURE) [ISLCONFPROXY-3753] More
DescriptionISL Meeting sessions now consume ICP licenses, just like Light and Groop sessions. For a meeting, all licenses are consumed by the host. The first 2 users consume only a single license while all subsequent users consume one additional license each. Consumed licenses are visible in the Clients page on /conf and also shown in the License Usage ICP page.
On the License Usage page, all licenses belonging to the same meeting are grouped under a single checkbox. Using "End Selected Sessions" ends the meeting, disconnects all participants, and shows them the "Meeting Has Ended" page. If a host tries to start a meeting when no licenses are available, an error explains that there are no available licenses. If a participant tries to join a meeting that has hit the license limit, they are told the meeting is full, and the host receives a notification that someone is trying to join but the license limit has been reached.
ISL Conference Proxy - Core Login - Add Require Email Verification for Users Without 2FA option (FEATURE) [ISLCONFPROXY-3756] More
DescriptionA new login security option, "Require email verification (non-2FA configured)", is now available under /conf -> Security settings. When enabled, users without Two-Factor Authentication (2FA) configured will be required to enter a one-time code sent to their email address during login. Users with 2FA already configured are not affected. Users without an email address on their account will not be able to log in while this setting is enabled. Setting is disabled by default.
ISL Conference Proxy - [INTERNAL] ISL Conference Proxy - Core - Add support for restore webtoken in secure redirect (FEATURE) (FEATURE) [ISLCONFPROXY-3757] More
DescriptionSupport for restore webtoken in secure redirect was added.
ISL Conference Proxy - Audit - Remove internal errors from audit logs (FEATURE) [ISLCONFPROXY-3758] More
DescriptionIn previous versions, audit logs could display internal error messages. This was redesigned, so that only errors with a clear description appear in the Audit tab, while other errors are now shown as "unexpected error". The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Administration - Show user's 2FA status in user list (FEATURE) [ISLCONFPROXY-3759] More
DescriptionThe user list in the Administration module now shows two-factor authentication information for each user. Five new columns are available: "2FA Status" (shows "Enabled" along with the active methods, or empty if the user is not enrolled), "2FA Phone" (registered SMS numbers, obfuscated), "2FA Email" (registered email addresses), "2FA TOTP" (registered authenticator devices), and "2FA Passkey" (registered passkeys). All five columns can be sorted and filtered, with a new filter option offering "Enabled" and "Not Set" values.
The same 2FA details are also shown in the user sidebar and on the user details page under a new "Two-Factor Authentication" section, so administrators can review a user's enrollment status and configured methods without leaving the user view.
ISL Conference Proxy - ISL Meeting - Create a proxy for CF SFU Connection API (FEATURE) [ISLCONFPROXY-3761] More
DescriptionA proxy layer was introduced in the meeting module that forwards Cloudflare Realtime SFU API calls from clients through the conference proxy server. The choice of backend is now controlled entirely by the server: the "Use Cloudflare Realtime SFU" option (which selects between Cloudflare and the built-in Galene backend) takes effect when the ISL Meeting module starts. Changing it during an active meeting will not interrupt ongoing streams, and the new setting applies after the module is restarted.
ISL Conference Proxy - Core - Login dialog link button order different in ISL Light that on web (FEATURE) [ISLCONFPROXY-3763] More
DescriptionIn previous versions, when signing in through the web with two-factor email or SMS verification enabled, the "Resend" and "Try another way to sign in" links appeared in the wrong order compared to the ISL Light application. This was redesigned, and the links on the web verification screen now appear in the same order as in ISL Light, with "Resend" above "Try another way to sign in". The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core - Move license usage tracking DB to Reports module (FEATURE) [ISLCONFPROXY-3765] More
DescriptionNew tables used for license usage history are: "reports_license_usage_per_hours" and "reports_domain_license_usage_per_hours". New dev flag "Disable license usage history" (file "license_usage_history_off") was added that can be used to disable license usage history tracking completely.
New webapi for querying license usage was added "reports/license/usage/get/1" that replaces and removes existing "utils/usage/history/get/1".
License usage flushing is set to 60s, so any usage on domain or server will be flushed to DB after 60 seconds or more. Flushing goes over GRID messages handled by Reports module, they are aggregated and delayed in Reports module also for ~10 seconds.
ISL Conference Proxy - ISL Meeting - Limit number of participants (FEATURE) [ISLCONFPROXY-3766] More
DescriptionISL Meeting now enforces a maximum number of 10 participants per meeting. When a meeting reaches the participant limit, additional users attempting to join will see a "meeting is full" error message.
Existing license limits continue to apply alongside this per-meeting limit.
ISL Conference Proxy - Administration - Allow Domain Admins to perform 2FA reset for their users (FEATURE) [ISLCONFPROXY-3767] More
DescriptionDomain administrators can now reset two-factor authentication for users in their domain. This is useful when a user has lost access to their 2FA device and cannot sign in.
The "Reset 2FA" action is available from three places in the administration interface: the sidebar on the users list page, the "2FA Status" section link on the user details page, and the "Edit" drop-down on the user details page. The action is disabled with an explanatory tooltip for users who do not have 2FA configured. When 2FA is reset, the user receives a notification email (if an email address is set), and the action is recorded in the audit log.
ISL Conference Proxy - ISL Meeting - Make the app use ICP CF Proxy instead of CF Connection API directly (FEATURE) [ISLCONFPROXY-3768] More
DescriptionWhen using Cloudflare Realtime SFU as the streaming backend in ISL Meeting, communication with Cloudflare now goes through the ISL Conference Proxy.
ISL Conference Proxy - Core Login - Load webauthn translations as part of external dialog response (FEATURE) [ISLCONFPROXY-3769] More
DescriptionIn previous versions, when ISL Conference Proxy was accessed through a reverse proxy or different hostname, the passkey (WebAuthn) login screen could fail to load its translated text due to a cross-origin restriction. This was redesigned, so the translated text for the passkey login screen is now delivered together with the login dialog itself instead of being fetched separately. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core - Rephrase 2FA setting texts as positive requirement (FEATURE) [ISLCONFPROXY-3771] More
DescriptionThe two-factor authentication settings have been renamed and rephrased so that enabling them turns the requirement on, rather than the previous wording where disabling them enforced the requirement. The setting previously called "Login without configured Two-Factor Authentication" is now "Require 2FA". Its value labels are also inverted to match, so "Yes" now means 2FA is required.
The underlying behavior, stored values, and inheritance of these permissions are unchanged — only the displayed labels and descriptions differ.
ISL Conference Proxy - ISL Pronto - Register pronto file paths in reverse proxy (FEATURE) [ISLCONFPROXY-3772] More
DescriptionIn previous versions, in a grid setup, files sent or downloaded through ISL Pronto chat could fail to load when the request was handled by a server that did not have the ISL Pronto module installed. This was redesigned, so that file send and download requests are now correctly routed to a server that can serve them, regardless of which server in the grid received the original request. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core - Allow main account login with password when sso on domain is enabled (FEATURE) [ISLCONFPROXY-3774] More
DescriptionIn previous versions, the main account user could not log in with username and password once single sign-on was enabled on their domain, as they were always redirected to the Identity Provider portal. This was redesigned, so that the main account user can now log in directly with their username and password even when SSO is active on the domain. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core - Login - Add settings to allow/deny 2FA methods (FEATURE) [ISLCONFPROXY-3775] More
DescriptionAdministrators can now control which 2FA methods users are allowed to register through four new permissions: "authenticate_allow_2fa_totp" (Authenticator App), "authenticate_allow_2fa_passkey" (Passkey/Security key), "authenticate_allow_2fa_phone" (Phone), and "authenticate_allow_2fa_email" (Email). When a method is denied, users cannot register new devices of that type, and previously stored devices of that type cannot be restored after a 2FA reset. Users with already registered devices can still log in using them.
To fully remove a 2FA method that is already in use, disable the relevant permission and then perform a 2FA reset for the affected users. Note that disabling all four methods while "Require 2FA" is enabled can lock users out.
ISL Conference Proxy - Core - Remove redundant logs for slow packet generator and only report when task stops/finishes (FEATURE) [ISLCONFPROXY-3776] More
DescriptionIn previous versions, slow packet generation produced multiple repeated log entries for the same task while it kept running, cluttering the logs. This was redesigned so that only a single log entry is written when the task finishes or is stopped, and tasks that run beyond the configured maximum execution time are now terminated instead of being left to continue indefinitely. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core, ISL AlwaysOn - Extra logs and http events for AON (FEATURE) [ISLCONFPROXY-3779] More
DescriptionProgram downloads (/start and /download) are now recorded in the server log at info level, including client IP, requested template, and query parameters. Sensitive values in the logged query are replaced with placeholders.
A new domain-level setting "ISL AlwaysOn > Allow silent grant" has been added and is enabled by default. When disabled, newer ISL AlwaysOn programs can no longer perform silent grants (normal grants still work), and older ISL AlwaysOn programs can no longer perform any grants and must be upgraded.
ISL Conference Proxy - Core Login - Disable "Turn OFF" 2FA button when "Require 2FA" is enabled (FEATURE) [ISLCONFPROXY-3781] More
DescriptionWhen two-factor authentication is required for a user (either at the user, domain, or server level), the "Turn OFF" 2FA button is now disabled and shows a tooltip explaining why. This prevents users from accidentally trying to disable 2FA when their account policy does not allow it.
ISL Conference Proxy - Core Login - Offer "web login" option in "Try another way" login dialog view (FEATURE) [ISLCONFPROXY-3782] More
DescriptionIn previous versions, when signing in to a native application and choosing "Try another way" in the login dialog, the option to log in via browser was not available, even though it was offered in other login views. This was redesigned, and the "Log in with browser" option is now also shown in the "Try another way" view, subject to the same permission that controls its appearance elsewhere. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core Login, Adminstration - Add 2FA status to sidebar of "sticky rows" for newly created users (FEATURE) [ISLCONFPROXY-3783] More
DescriptionIn previous versions, when administrators created a new user, the sidebar opened from the "sticky row" at the top of the users table did not show the 2FA status for that user. This was redesigned, and the sidebar now correctly shows the 2FA status for newly created users as well. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - PostgreSQL - Update PostgreSQL to version 16.13 (FEATURE) [ISLCONFPROXY-3784] More
DescriptionPostgreSQL version packed with PostgreSQL module was raised from version 16.8 to 16.13.
ISL Conference Proxy - Core - Add CORS for /webapi2 and register setting for setting allowed origins (FEATURE) [ISLCONFPROXY-3789] More
DescriptionThe WebAPI2 endpoint now supports cross-origin requests from external domains. You can control which domains are allowed via a new setting under Security, "Allowed hosts for CORS requests to WebAPI2", which takes a comma-separated list of hostnames permitted to make cross-origin POST requests to /webapi2. Entries are written without the https:// prefix, and a leading *. acts as a wildcard that matches both the base domain and any of its subdomains (for example, *.example.com matches example.com, sub.example.com, and a.b.example.com).
By default the list is empty, so existing behavior is unchanged and only same-origin requests are accepted. Note that this applies only to /webapi2 — the /users/webapi2 and /conf/webapi2 endpoints are not affected.
ISL Conference Proxy - Core - ICP will report log "allowed unsafe program args" with "data.PROGSARGS_UNSAFEARGS_TXT isl_light_version=latest" (FEATURE) [ISLCONFPROXY-3790] More
DescriptionIn previous versions, starting an AlwaysOn session through ISL Light with the "Download Client (Longer connection time)" option enabled caused a warning about unsafe program arguments to be written to the server log. This was redesigned, and the version parameter used when launching the client is now recognised as a valid argument in this context. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core - Return latest ISL Light even when v3 is selected on Mac/Linux (FEATURE) [ISLCONFPROXY-3791] More
DescriptionIn previous versions, when ISL Light version 3 was selected through a customization, user setting, or server setting, Mac and Linux users were offered version 3 instead of the latest ISL Light version. This was redesigned, so that on Mac and Linux the latest version is now returned in this case while Windows continues to honor the version 3 selection. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core - Graceful GRID connection close (FEATURE) [ISLCONFPROXY-3792] More
DescriptionIn previous versions, normal file transfers between GRID servers generated misleading warning-level "grid connection down" log entries, and uploads to remote server storage through the configuration page resulted in empty files on the destination. This was redesigned, so that file transfer connections now close gracefully and are logged at notice level with the correct server identification, and remote uploads preserve the file contents correctly. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core - Support per-path policies for CSP and PP (FEATURE) [ISLCONFPROXY-3794] More
DescriptionThe "HTTP header Content-Security-Policy" and "HTTP header Permissions-Policy" settings now support different policies for different URL paths. Both fields have been changed from a single line to a multi-line input, where each line contains a URL path prefix, a space, and the policy string to apply to requests under that path. The first matching path from top to bottom is used, and a line starting with "/" acts as a catch-all and should be placed last.
Existing configurations continue to work without changes: any stored value that does not begin with "/" is treated as a single global policy. The default values have been updated to use the new format. Blocked CSP and Permissions-Policy violation reports are now logged at "error" severity instead of "critical".
ISL Conference Proxy - ISL Meeting - Add server id check and redirect to CF SFU webapis (FEATURE) [ISLCONFPROXY-3795] More
DescriptionIn previous versions, when a meeting was hosted on one server in a grid but a participant's requests landed on a different server, certain in-meeting actions such as turning on the camera could fail with a "meeting not found" error. This was redesigned, so that requests arriving at a server that is not hosting the meeting are now automatically redirected to the correct server before any processing takes place. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - SSL - Add possibility to supply EAB information when requesting certificate (FEATURE) [ISLCONFPROXY-3798] More
DescriptionWhen requesting an SSL certificate from a Certificate Authority that requires External Account Binding, you can now supply the required credentials. The certificate request form includes a new optional "External Account Binding" section with two fields: "Key ID" (the key identifier provided by your Certificate Authority) and "MAC Key" (the base64url-encoded MAC key provided by your Certificate Authority). Both fields must be filled in together, and they link your ACME account to your account at the Certificate Authority.
The ACME account private key is now stored and reused across certificate operations. On installing a new certificate a new account key is generated and saved; subsequent renew and revoke operations reuse the stored key instead of generating a new one each time.
ISL Conference Proxy - Core - Uptime not calculated correctly (hefa::uptime()) for uptimes more than 48 days (FEATURE) [ISLCONFPROXY-3800] More
DescriptionIn previous versions, the server uptime shown on the Activity Monitor page was incorrect once the server had been running for more than 48 days. This was redesigned, and the uptime is now calculated using a counter with a sufficiently large range so that long uptimes are reported accurately. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Adminstration - Include 2FA columns in user export (FEATURE) [ISLCONFPROXY-3801] More
DescriptionIn previous versions, the user export from the administration pages did not include any information about which users had two-factor authentication configured, so administrators had to check each user individually. This was redesigned, and the export now contains columns indicating whether 2FA is enabled and which methods are set up, including phone, email, TOTP, and passkey, with phone numbers shown in a masked form. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core, ISL Meetings - Fix "uncaught exception: [object Object]" shown when invalid code is used (FEATURE) [ISLCONFPROXY-3802] More
DescriptionIn previous versions, opening a meeting link with a code that did not exist, had been deleted, or had expired showed a red error banner reading "An error occured. Please contact a system administrator." and an uncaught exception in the browser console. This was redesigned, and users now see a dedicated "Meeting Not Found" page with a short explanation and a "Back to Join" button that takes them back to the join page. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core Login - Show error explaining why last passkey can not be removed (FEATURE) [ISLCONFPROXY-3803] More
DescriptionIn previous versions, when a user tried to remove their only remaining passkey and had no other second-step verification method configured, the removal would fail without a clear explanation of why it could not be completed. This was redesigned, and the confirmation dialog now displays an explicit error message stating that the last passkey cannot be removed when no other 2-Step Verification method is available, matching the behavior used for other 2FA methods. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - ISL Light - Add support for TCP TURN servers (FEATURE) [ISLCONFPROXY-3804] More
DescriptionISL Light module now supports requesting ICE servers that use TCP protocol. Client must provide the option when requesting servers. Module now also supports providing stats for TCP TURN connection usage in "stats".
ISL Conference Proxy - Core - icon-precomposed.png not found (FEATURE) [ISLCONFPROXY-3807] More
DescriptionIn previous versions Critical-severity HTTP request error logs were generated whenever an iOS device on an intranet (private) IP requested
/apple-touch-icon*.pngpaths. These auto-probes are normal browser/OS behaviour and the 404 response is expected so the log severity for these specific paths is demoted tonotice. The issue should no longer be reproducible.The defect was fixed.
ISL Conference Proxy - ISL Meeting - Two concurrent readers on websocket (FEATURE) [ISLCONFPROXY-3811] More
DescriptionIn previous versions, users in ISL Meeting sessions could occasionally experience unexpected disconnections or instability when leaving a meeting or when the connection was being closed. This was redesigned, so that the closing of meeting connections now happens in an orderly sequence without conflicting operations. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - ISL Meeting - CF SFU stability improvements (FEATURE) [ISLCONFPROXY-3812] More
DescriptionIn previous versions, meetings with several participants turning their cameras on and off could become slow to respond, with noticeable delays as more people joined or changed their streams. This was redesigned, so that the server no longer holds meetings up during video routing calls and no longer prepares video routing for participants who are not sending any audio or video. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - ISL AlwaysOn - Throw block computer grant reason (FEATURE) [ISLCONFPROXY-3814] More
DescriptionIn previous versions, when a computer grant was blocked by the server, the user received a generic failure message without information about why the grant was rejected. This was redesigned, so the actual reason for the block is now reported back to the user attempting the grant. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core Login - Allow ja language to bypass enforce 2FA (FEATURE) [ISLCONFPROXY-3815] More
DescriptionEmail verification requirements for users without configured 2FA now include a language-specific bypass for Japanese external login dialogs.
This effects only the "Require email verification (non-2FA configured)" ( "authenticate_require_email_verification_no_2fa") permission.
ISL Conference Proxy - Core Login - Allow hs accounts older then 2026-05-01 to bypass enforce 2FA (FEATURE) [ISLCONFPROXY-3816] More
DescriptionWhen the "Require email verification (non-2FA configured)" setting is enabled, users without 2FA configured are normally asked to verify their email address on login. Accounts created before May 1, 2026 are now exempt from this check and can log in without performing email verification.
This exemption applies only to the "Require email verification (non-2FA configured)" setting and does not affect the separate "Allow missing 2FA" setting, which continues to behave as before.
ISL Conference Proxy - Core - ICP join page preload instead of ios join scheme link when joining from iPadOS (FEATURE) [ISLCONFPROXY-3819] More
DescriptionIn previous versions, joining a session from Safari on an iPad running iPadOS 13 or later offered the macOS desktop installer instead of directing the user to the iOS app. This was redesigned, so that iPads are now correctly recognised as touch devices and routed to the mobile join flow. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core - ISL Light v5 version selector (FEATURE) [ISLCONFPROXY-3821] More
DescriptionThe desktop ISL Light client version selector now includes a "v5" option alongside the existing choices. You can set the global "Desktop client version:" option to "v5" to prefer version 5 builds, or to "v3" to prefer the older version 3 build (which is now listed only for win32). Unlike before, this preference now acts as a sort order rather than a hard filter, so if a program is not compatible with the client's operating system version, other available builds are still offered as a fallback.
If you need the previous strict filtering behaviour, you can append "isl_light_v3=1" or "isl_light_v5=1" to the programs URL to show only matching builds. The "v3" and "v5" tags are also now shown in the order index configuration, so you can identify and reorder builds by version.
ISL Conference Proxy - Core - Cap islhash1 password check input to 1024 bytes (FEATURE) [ISLCONFPROXY-3823] More
DescriptionLogin requests with passwords longer than 1024 bytes are now rejected immediately as incorrect.
ISL Conference Proxy - Core - Add timing trace to slow packet generator logs (FEATURE) [ISLCONFPROXY-3825] More
DescriptionPacket generator logs for completed/failed/slow generation now also contain timing trace for states.
ISL Conference Proxy - Core - ISL Meeting - Remove the text beta for the ISL Meetings functionality in the product GUIs (FEATURE) [ISLCONFPROXY-3826] More
DescriptionISL Meeting is now the default meeting application and is no longer marked as beta. On the meetings page, the primary "New Meeting" button opens ISL Meeting in a new window, and the reports dashboard shows a single "Meetings" tile for ISL Meeting sessions.
A new setting "Default meeting application" is available under Settings > ISL Meeting > Basic, which controls whether new meetings use ISL Meeting or the legacy ISL Groop. When set to "ISL Groop (legacy)", the meetings page shows the previous dropdown with "New Meeting", "New Webinar" and "New Classroom" options plus an additional "New Meeting (web)" entry that opens ISL Meeting, and the reports dashboard shows both a "Meetings" tile (Groop) and an "ISL Meeting" tile. If the ISL Meeting module is not installed on the server, the setting falls back to legacy behavior automatically.
ISL Conference Proxy - ISL AlwaysOn - Connection options blocklist (FEATURE) [ISLCONFPROXY-3828] More
DescriptionA new setting "ISL AlwaysOn hide start options" (multi-value list) in /conf -> Configuration -> ISL AlwaysOn lets administrators specify start option keys that should be filtered out of the ISL AlwaysOn options info returned to the client.
ISL Conference Proxy - Core - Upgrade Go to version 1.26.3 (FEATURE) [ISLCONFPROXY-3829] More
DescriptionGo was upgraded to 1.26.3.
ISL Conference Proxy - Core - Remove unused "Insecure connections" log subsytem from modules (FEATURE) [ISLCONFPROXY-3835] More
DescriptionIn previous versions, an "Insecure connections" log subsystem option appeared in the logging configuration for Light, AlwaysOn and Pronto modules even though it was no longer in use. This was redesigned, with the unused log subsystem removed from these modules so it no longer appears in the logging options. The issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - ISL Pronto - Do not resurect chat object on client object destroy (FEATURE) [ISLCONFPROXY-3839] More
DescriptionIn previous versions, ISL Pronto chat sessions on multi-server grids could show a spurious "Client has left chat" message and the operator could briefly appear unavailable, even when the client was still connected. This was redesigned and issue should no longer be reproducible.
The defect was fixed.
ISL Conference Proxy - Core - Use separate packet generator cache size limits for short and long term items (FEATURE) [ISLCONFPROXY-3842] More
DescriptionThe packet generator cache now applies separate limits to short-term and long-term files. Two new settings, "Packet generator short term file cache limit" and "Packet generator short term file cache size limit in MB", control the maximum file count and total size for short-term cached files. The existing file count and size settings now apply only to long-term files.
Cache cleanup behavior has also changed: when a limit is exceeded, cleanup now removes files until the cache drops to 90% of the limit, instead of stopping exactly at the limit. This reduces how often cleanup runs when the server is under sustained load.
ISL Conference Proxy - Core - Upgrade OpenSSL to 3.0.21 (FEATURE) [ISLCONFPROXY-3846] More
DescriptionOpenSSL was updated to 3.0.21.
ISL Conference Proxy - Postgresql - Periodically log DB writes (FEATURE) [ISLCONFPROXY-3848] More
DescriptionWhen using the PostgreSQL module, the server now periodically writes database activity statistics to the log, including the total number of inserts, updates, and deletes per interval, along with a per-table breakdown. This makes it possible to see which tables are being written to and how often.
The interval is controlled by the new "Database writes statistics logging interval" setting (/conf -> PostgreSQL -> Settings), which specifies how often (in seconds) the statistics are flushed to the log. The default is 3600 seconds, and setting it to 0 disables this logging.