The Embedded Web Blog

GoAhead 4

spot-light

I'm happy to announce that GoAhead 4 is now available for immediate Download.

GoAhead 4 is an evolutionary upgrade for all GoAhead 3.X. It preserves application compatibility while strengthening API contracts.

All users are encouraged to always update to the latest release and to upgrade now to GoAhead 4.

GoAhead Security Update

tick-web-logo-small

A remote code execution vulnerability has been reported in GoAhead versions 2.x and 3.x in the CGI handler on Linux. This impacts those sites that use dynamically linked CGI programs with GoAhead on Linux.

Source Distributions

source

To help simplify and accelerate releases, we're going to focus on source code distributions only for all products.

Since the Embedthis product suite are designed for embedded use, this should impose little burden and will help focus our testing and accelerate our release pipeline.

Updates all Round

new-pak-icon-128

We're releasing updates for all products with minor fixes to the underlying MPR and HTTP libraries. This means that Appweb, GoAhead and ESP get new releases.

For Appweb, we're incrementing the major release to Appweb 7. Appweb 6 becomes the Long Term Release (LTS) version and will be supported until the end of 2018. There are no breaking or major changes in Appweb 7.

June Releases

new-pak-icon-128

We're releasing updates for Appweb, GoAhead and Makeme that fix a few dozen paper-cut type issues.

Content Security Policy - The Reality

csp

The Content Security Policy (CSP) is a powerful mechanism to prevent Cross Site Scripting (XSS) attacks on web sites which accounts for the majority of all security vulnerabilities.

But CSP is off to a slow start and is not implemented on the vast majority of web sites. Perhaps the difficulty implementing CSP is to blame?

This post examines a case study deploying CSP and has some recommendations for the social media companies to make it easier to implement CSP.

© Embedthis Software, 2003-2015. All rights reserved. Privacy Policy and Terms of Use.   Generated on Oct 21, 2017.