What’s new
What’s new in 2203 LTSR
Version 2203 of StoreFront includes the following new features and enhancements:
Support ended for TLS 1.0 and TLS 1.1
From this release onward, StoreFront no longer supports TLS 1.0, and TLS 1.1 protocols between Citrix Virtual Apps and Desktops (formerly XenApp and XenDesktop) and Citrix Receiver, and Workspace Hub.
Citrix Workspace app for HTML5
This release includes Citrix Workspace app for HTML5 2202.
Fixed issues
The following issues have been fixed since version 1912 LTSR CU4:
-
[CVADHELP-16834] When you attempt to launch a user session using Citrix StoreFront services API, the parameters passed to the launch request might be incorrect.
-
[CVADHELP-17295] SAML authentication might fail on the Citrix Workspace app that is connected internally to a StoreFront.
-
[CVADHELP-17385] This fix is an enhancement to StoreFront supporting the Local Host Cache feature in Citrix DaaS deployment. This enhancement allows users to launch resources from locations where connectors are not added to the StoreFront as Delivery Controllers when the service is not in the cloud outage mode.
-
[CVADHELP-17671] StoreFront includes a Cross Site Request Forgery (CSRF) token in the query string of a few URLs. A security concern might arise because the tokens might be retained in the browser history or in the logs of intermediate devices, such as proxy servers.
With this fix, you can disable CSRF token usage for the following URL request.
Add-STFFeatureState -Name "Citrix.DeliveryServices.WebUI.CsrfValidation.IgnoreOnSpecificRequests" -IsEnabled $TrueNote:
If the feature toggle is ON, you must remove CSRF tokens from the URLs in all WebAPI-based customizations.
-
[CVADHELP-18083] If you select Source for Receivers/Workspace app as the Citrix Website using the Deploy Citrix Receiver/Workspace app option, the Citrix Receivers/Workspace app downloads from an insecure site. As a result, the latest Google Chrome browser updates block the download.
-
[CVADHELP-18221] When switching accounts to log on to Citrix Workspace app on the same client, icons of featured app groups might launch incorrect applications. For example, if the user clicks the icon of application A on Citrix Workspace app, application B might launch. Also, the detail box of application A displays the information of application B.
-
[LCM-9536] Highlighted tabs in Citrix Receiver for Web sites ignore the ‘Link color’ value specified in the Customize Appearance tab of the Edit Receiver for Web site dialog. Instead, highlighted tabs display in purple.