May 7, 2021
- Logging in from the AdLauncher using SSO clients would not always work properly if a redirect was configured for that user. The AdLauncher should not successfully be logged in, in these specific cases, when using SSO.
Following an application icon from the Okta home page to launch SCS/Track (CAS) now properly logs the user in using SSO. Reported by the Review-Journal (Las Vegas, NV).
The client can no longer override the content-type header of a response. This plugs a potential security hole.
Saving/updating the notes during an ad submission can only be done from the originating session or the same session that created the session in the first place. This plugs a potential security hole where anyone with the right URL could modify the notes for a specific file within a submission.