What's new


WorkZone 2021.2

As of this release the HTTP protocol is no longer supported.

WorkZone Content Server changes

Re-indexing required when upgrading

If you upgrade your WorkZone Content Server 2021.0 or WorkZone Content Server 2021.1 installation to WorkZone Content Server 2021.2, the meta data for the File, Record, Contact, and Address tables must reindexed. Reindexing the meta data for the Document table is not necessary. See Upgrade WorkZone Content Server.

WorkZone Client and WorkZone Configurator

Default Content Security Policies

Default Content Security Policies have been configured and enabled upon installation for WorkZone Client and WorkZone Configurator to enhance effective security controls available to the web browser and help prevent client-side attacks, such as Cross-Site Scripting.

If connectivity issues or issues with the execution of scripts or other code snippets in browsers accessing WorkZone Client or WorkZone Configurator are experienced, these issues might be attributed the default Content Security Policy values.

The default Content Security Policies can be checked and configured on the Microsoft IIS 7 server in the IIS Manager form to see if the policy performs as expected and adjust the policy values if necessary.

The Content Security Policy settings can also be checked by using the developer tools in the relevant browser or by using 3rd party development tools – for example Postman (a platform for API development).

A Content Security Policy cannot stand alone and should be considered a defense-in-depth measure for injection attacks, as it is dependent on browser support.

Cross Origin Resource Sharing (CORS) updated

Cross-Origin Resource Sharing (CORS) used in WorkZone services, such as WorkZone PDF Engine, WorkZone Process and WorkZone OData has been updated.

If WorkZone services are to be requested from browsers or web clients from other domains (for example WorkZone Client and WorkZone Configurator applications hosted on a different host than Process service), system administrators must configure the Cross-Origin Resource Sharing parameters AllowedCorsOrigins and AllowedCorsHeaders for WorkZone PDF Engine, WorkZone Process and the optional silent installation parameter CORSORIGINS for WorkZone OData.

Cross Origin Resource sharing can be configured manually in the WorkZone config files after product installation.

WorkZone Process

Microsoft Graph integration - sending smartmails and email notifications

In previous releases, sending smartmails and email notifications in WorkZone Process was implemented using the EWS (ExchangeWebServices) library. EWS supported both the on-premises and the cloud version of Exchange server.

To strengthen the security of WorkZone and ensure continuous updates of the library, the Microsoft Graph library is now used instead of the EWS library to send smartmails and email notifications in cloud environments.

For on-premises installations, EWS is still used. It is also possible to use EWS in a cloud installation but only with basic authentication. To be future-proof, it is recommended to use the Microsoft Graph library.

See Configure WorkZone Process and Command line configuration.

Note: In this release, only sending emails using Microsoft Graph is supported. Receiving emails is not yet supported. This means that, for example, the Mailbox Monitor service workflow still uses the EWS library, and that this service is not yet supported in WorkZone Cloud Edition.

WorkZone 365 changes

Updated guidelines on how to Install WorkZone 365 to use meetings in Microsoft Outlook 2016 and 2019.

WorkZone I/O Manager

A new module, WorkZone I/O Manager, is now available in WorkZone. See Install WorkZone I/O Manager.