CAST AIP 8.3.x Documentation
Page tree
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

Summary: CAST AIP 8.3.27 introduces a number of features and changes as listed below. To view the impacts of these changes on analysis results, see: Changes in results post upgrade

CAST Storage Service backup and restore tools

A change has been made to the CSSBackup.exe and CSSBackupAll.exe tools provided with CAST AIP to enlarge compatibility and exchangeability with target server versions. As such, schema backups created with CSSBackup/CSSBackupAll included in 8.3.27 (and any higher 8.3 service pack) should only be restored with CSSRestore/CSSRestoreAll included in 8.3.27 (and any higher 8.3 service pack).

CAST Extension Downloader

The URL used to connect to CAST Extend has been changed by default to https://extend.castsoftware.com.

User Input Security

  • The automatic blackboxing action will now identify as database targets all methods beginning with (previously only Find or find were considered as targets):
    • Find(
    • FindRow(
    • FindRows(
    • FindColumn(
    • FindColumns(
  • Support (predefined methods) has been added for the GWT (Google Web Kit) framework.
  • Sanitization methods for the NpgSql framework for JEE are now supported.
  • The rule 8518 - Avoid regular expression injection has been implemented for JEE technologies. Previously this rule only functioned on .NET technologies.
  • No labels