Framework and security updates as of 8th November 2022.

1. Forecourt Enabler
2. Devexpress
3. WEB API
4. Javascript Plugin frameworks

***Forecourt Enabler update to 4.10.1
Enabler Release Notes

Known Issues

• After a system has resumed from a Sleep/Hibernation state, the Enabler Card driver is unable to resume correctly and requires a pump server restart (#9067).
  These Power Options are now automatically disabled during installation of Enabler v4.5.5 and above, but could be activated again by the user or other software.

Enabler v4.10.1

Summary

• Added Log Collection and Software Installation Pages to the Enabler Web Application.
• Fixes and Improvements to the ActiveX API and Sample Applications.
• Includes Pump Update 2022-07-15 and 2022-09-30:
  • Added support for Censtar 6200, Censtar 6400, Eaglestar SPD, HongYang MPD and Gilbarco UK Extended pump types.
  • Resolved site issues for EMR3, Gilbarco, HongYang SPD, HongYang MPD, IFSF, NZ Protocol, Sanki MPD, Somo and Tokheim pumps.
  • Updated Enabler Card firmware to support Enabler Express V3 without IFSF/LON support.

Details of Changes

• Pump Server (Psrvr4.exe) v4.7.1

  • Added event logging for ExpressV3 cards without IFSF/LON support (EP-5777).
  • Added support for new Enabler hardware revision (EP-5353, EP-5513).
  • Internal changes (EP-5801, EP-5816, EP-5758).

• Enabler Web Applications

  • Enabler Web (EnbWeb.exe, DataAccess.dll, DataEntity.dll, PageResources.dll, WebPages.dll) v2.2.66

    • Added Logs page to support log collection via Enabler Web Application (EP-5837).
    • Added Software page to support installation of Pump Driver Updates via Enabler Web Application (EP-5935).
    • Redirect back to the requested web page once logged in after a session timeout (EP-5965).
    • Updated EnbWeb to retry binding the service to the web port if unsuccessful during startup (EP-6012).
    • Internal changes (EP-5965).

  • Utilities (Utilities.dll, Installer.dll) v1.5.19

    • Internal changes (EP-5727, EP-5767, EP-5830, EP-5837, EP-5935).

• Database

  • Fix: Prevent errors when clearing an attendant delivery if there is no attendant logged onto the pump (ES-5327, EP-5799).
  • Fix: Prevent database connection failure after installing Enabler to non-English Windows (ES-5316, ES-5392, EP-5945).

• API

  • EnbSessionX2 ActiveX Control (EnbSessionX2.ocx) v4.10.7

    • Fix: Ensure Pump states are fired correctly on startup (ES-5157).
    • Fix: Update Pump profile properties when updating Site profile (EP-5931).
    • Fix: Prevent blank pump popup caption when pump description text is not provided by API (EP-1960, EP-5968).
    • Fix: Ensure Pump.MaxStackSize property is populated (EP-5968).
    • Added Chinese (Traditional) translation strings (EP-5898).

  • EnbPumpX2 ActiveX Control (EnbPumpX2.ocx) v3.42.2

    • Fix: Display the caption text properly (ES-5200, EP-5798).
    • Added touch-friendly layout option for pump popup and error dialogs (EP-5968).
    • Added support for Unicode text for Grade name and Display text (ES-5200, EP-5798).

• SDK

  • ITL MPP Simulator (mppsim.exe) v2.37.0.4

    • Internal changes (EP-5814, EP-5873).

  • Java Pump Demo (PumpDemo.jar) v2.1.5

    • Fix: Clear the sale window after logon/re-connection to prevent errors when clearing old items and items getting stuck in the sale window (EP-5941).

  • Developer Documentation

    • Enabler ActiveX Developers Reference v1.24.0

  • User Documentation

    • Enabler Ethernet Getting Started Guide v1.2
    • Enabler Embedded Site Installation Checklist v1.4
    • Enabler Ethernet Site Installation Checklist v1.2
    • Enabler Site Installation Checklist v2.3

• Installer (Enabler4Setup.exe) v4.10.1.2291

  • Fix: Schedule database backup script to run daily using time specified in the database (ES-5402).
  • Added additional components to support Log Collection and Software Installation Pages (EP-5837, EP-5935).
  • Removed Enabler Data REST API Reference. Already included in Enabler Developers Reference (EP-5765).

• Utilities

  • AutoSupport Utility (AutoSupport.exe) v2.18.0

    • Internal changes (EP-5830, EP-5839).

  • Enabler Ethernet Utility (EnbEthernet.exe) v1.1.10

    • Improved Static IP address validation (EP-5966).
    • Internal changes (EP-5790, EP-5983).

• User Documentation

  • Enabler Web Applications Reference Manual v1.56

Enabler v4.10.0

Summary

• Improved and enhanced security of the Enabler:
  • Resolved detected vulnerabilities in the Enabler Web Applications.
  • Added SSL configuration options for the Enabler Web Applications and Pump Server.
• Added support for additional data endpoints in the REST Data API:
  • Added Cards, Table_Stats and WetStock Tank Movements tables.
• Added REST Data API documentation to the Enabler SDK Reference Manual.
• Includes Pump Update 2022-03-11 and 2021-12-17:
  • Resolved site issues for Gilbarco, NZ Protocol, IFSF, Sanki and Wayne DART protocol pumps.
  • Resolved site issues for Veeder Root protocol tank gauges.
  • Simplified logging for Pump Server compatibility checks on startup for selected pump protocols.

Details of Changes

• Enabler Web Applications

  • Enabler Web (EnbWeb.exe, DataAccess.dll, DataEntity.dll, PageResources.dll, WebPages.dll) v2.2.43

    • Fix: Site Settings changes fail to save when legacy terminals are disabled (ES-4839, EP-5514).
    • Fix: Prevent out of memory errors due to REST API memory leaks (ES-4350, ES-5016, EP-5657).
    • Fix: Prevent out of memory errors due to web page memory leaks (EP-5382).
    • Fix: Prevent webpage error when a Grade's Price Profile is configured incorrectly (ES-5006, EP-5651).
    • Fix: Prevent SQL Injection vulnerabilities (EP-5639).
    • Fix: Prevent Cross-Site Scripting (XSS) vulnerabilities (EP-5669).
    • Fix: Ensure Administrator Role access rights cannot be changed (EP-5717).
    • Added support for Tank Deliveries and Movements (EP-5402, EP-5602, EP-5603, EP-5604, EP-5605, EP-5740).
    • Added Network page to support SSL configuration (EP-2242).
    • Updated jQuery library and improved JavaScript code (EP-5670).
    • Internal changes (EP-5616, EP-5639).

  • Utilities (Utilities.dll, Installer.dll) v1.5.9

    • Fix: Prevent SQL Injection vulnerabilities (EP-5639).
    • Improved error handling for SSL configuration changes (EP-2242).
    • Internal changes (EP-5402, EP-5602, EP-5603, EP-5604, EP-5605, EP-5606, EP-5608).

  • Padarn Web Server (OpenNETCF.web.dll) v1.6.16171.18

    • Fix: Prevent ROBOT vulnerability by removing support for RSA key exchange (EP-5641)
    • Added HTTP Strict Transport Security header for secure connections (EP-5643).
    • Internal changes (EP-5669)

• Pump Server (Psrvr4.exe) v4.6.49

  • Fix: Pump can get stuck if a client logs on at the same time as Prepay delivery ends (ES-4905, EP-5582).
  • Fix: Last prepay details incorrectly sent to the client when next prepay is a zero delivery (ES-4944, EP-5618).
  • Fix: Reject authorisation limits that are negative or larger than the database can handle (EP-5659).
  • Fix: Prevent unexpected warnings when preset deliveries are going slightly over the limit (ES-5072, EP-5723).
  • Improved support for secure API connections to allow TLS1.2 and TLS1.3 (EP-5553, EP-5554).

• OpenSSL (OpenSSL.exe) v1.1.1L

  • Update to version 1.1.1L (EP-5554).

• Database

  • Added Table_Stats table to track statistics (i.e. LastConfigUpdate) for the Enabler tables (ES-4655, EP-4782, EP-5640).

• API

  • EnbSessionX2 ActiveX Control (EnbSessionX2.ocx) v4.10.2

    • Added support for SSL connection to Pump Server (EP-5526).
    • Added support for Chinese (Traditional) translation (CR432-107, EP-5695).

  • EnbPumpX2 ActiveX Control (EnbPumpX2.ocx) v3.41.2

    • Added Chinese (Traditional) translation strings for Pump pop-up dialog (CR432-107, EP-5695).

  • Enabler Java API (enabler-api-1.0.jar) v1.4.5

    • Added support for SSL connection to Pump Server, including new Forecourt methods get/setConnectionMode() (EP-4501).
      Refer to setConnectionMode() documetation for more details.
    • Use configuration file with .properties extension. Refer to API Javadoc (EP-4501, EP-5586).
    • Internal changes (EP-4501).

  • Java Pump Controls (enabler-pmp-ctrl-2.0.jar) v2.0.7

    • Various improvements to Pump Controls (EP-5329).
    • Internal changes (EP-4501).

  • Enabler .Net API (ITL.Enabler.Api.dll, ITL.Enabler.Api_pcl.dll, ITL.Enabler.API.TLB) v1.3.10

    • Added support for secure API connections using TLS1.2 (EP-5554).

  • Enabler REST API (RestData.dll) v2.2.43

    • Fix: Pump deletion now checks for linked Pump Profile and Loop (EP-5631).
    • Remove unnecessary logging for REST API requests (EP-5367).
    • Added TableStatsData endpoint to track statistics for the Enabler tables (ES-4655, EP-4782).
    • Added support for Tank_Delivery, Tank_Loss, Tank_Movement_Type and Tank_Transfer data tables (EP-5402, EP-5602, EP-5603, EP-5604, EP-5605, EP-5740).
    • Added validation of Price Profile when updating the Grades data table (ES-5006, EP-5651).
    • Improved REST API performance (EP-5674).
    • Added Close Period support to Desktop (ES-4802, EP-5472).
    • Added support for Cards Data table (EP-4246).

• SDK

  • ITL MPP Simulator (mppsim.exe) v2.36.0.27

    • Fix: Ensure final running total is equal to delivery value when limit is reached and nozzle is returned (EP-5508).
    • Internal changes (EP-5355, EP-5215, EP-5621, EP-5630).

  • Java Pump Demo (PumpDemo.jar) v2.1.4

    • Fix: Manual Transaction for Mechanical pumps only worked on first entry (EP-5329).
    • Support .properties file for storing application preferences (EP-4501, EP-5586).
    • Added support for SSL connection to Pump Server (EP-4501).
    • General UI improvements (EP-4501, EP-5329):
      • Restore window size and position when app opened
      • Disable logon dialog while connecting
      • Improved Auto Reconnect behaviour on server disconnection
      • Improved Prepay dialog layout
    • Include library dependencies with source code (EP-4501).

  • REST API Sample Application (RESTApiSample.exe) v1.0.5.0

    • Sample .NET WPF application for the REST Data API (EP-4757, EP-5617).

  • Developer Documentation

    • Enabler SDK Reference Manual v4.0.66
    • Enabler Java API Javadoc v4.0.6
    • Enabler ActiveX Developers Reference v1.23.0

  • User Documentation

    • Enabler Ethernet Getting Started Guide v1.1
    • Enabler Embedded Getting Started Guide v1.17

• Installer (Enabler4Setup.exe) v4.10.0.2104

  • Added HTTPS support for Enabler Web start menu shortcuts (EP-5622).

• Utilities

  • AutoSupport Utility (AutoSupport.exe) v2.13.0

    • Added more site database configuration in EnablerInfo.txt and EnablerInfo.csv (EP-4563).
    • Internal changes (CR426-189).

  • Enabler Ethernet Utility (EnbEthernet.exe) v1.1.7

    • Improved console output of Ethernet version number (EP-5417).

  • EnbKick Utility (EnbKick.exe) v2.2.1

    • Fix: Improved reliability of logging into Enabler API (ES-4930).

  • Enabler SSL Utility (EnbSSL.exe) v1.1.1

    • New utility for configuring SSL settings for Enabler Pump Server and Web Applications (EP-5446).

  • Enabler Client Utility (EnbClient.exe) v1.4.2

    • Added SSL option for Enabler Web start menu shortcuts (EP-5622).

• User Documentation

  • Enabler Web Applications Reference Manual v1.53
  • Enabler Demonstration POS Application Reference Manual v3.5

DEVExpress upgrade from 22.1.3 to 22.1.6. Changes at this link: https://supportcenter.devexpress.com/versionhistory