Imprint

Changes to Fabasoft Folio Client Security SettingsPermanent link for this heading

Last update: 27 March 2026 (gs)

SummaryPermanent link for this heading

In previous versions of the Fabasoft Folio Client it was recommended to limit the DNS domains that a given installation would operate with by defining the VALIDDOMAINS registry key, from Fabasoft Folio Client 2026 onwards this is no longer optional and any installation of Fabasoft Folio Client will only interact with DNS domains that have been configured in VALIDDOMAINS.

InformationPermanent link for this heading

This is a breaking change that was introduced to ensure that only validated websites can interact with the Fabasoft Folio Client and instruct it to download and open documents, synchronize files to the local hard drive and other operations offered by the Fabasoft Folio Client.

Prior versions, from Fabasoft Folio Client 2019 onwards, already contained this limiter but enabling it was optional and rarely used even though it was recommended to do so, but because of the changing threat landscape and expanding installation base of the Fabasoft Folio Client and related products, it was decided to make this security related configuration setting mandatory.

Changes in DetailPermanent link for this heading

In addition to making the definition of VALIDDOMAINS mandatory newer versions of Fabasoft Folio Client no longer allow the definition of this setting per-user and only evaluate the central machine wide configuration at the following location:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Fabasoft\NativeClient\Folio

Affected VersionsPermanent link for this heading

This change will take effect with the following Builds of the Fabasoft Folio Client and will be present in all future versions afterwards, older versions will continue to function as before and will keep the definition of VALIDDOMAINS optional:

Fabasoft Folio Client 2026 (Build 26.0.0.10)

Fabasoft Folio Client 2026 April Release (Build 26.4.0.76)

Fabasphere Related ChangesPermanent link for this heading

This change also affects the Fabasphere Enterprise Client although by default for normal usage of the public Fabasphere no additional measures are required, if additional DNS domains must be authorized, please reference the relevant Fabasphere documentation under the chapter "Security Considerations of the Fabasphere Client Web Browser Integration".

SolutionPermanent link for this heading

All that is required to configure the DNS domains that the Fabasoft Folio Client is authorized to interact with, is the definition of a list of these domains via the VALIDDOMAINS registry key, as documented in the Fabasoft Folio Client Whitepaper in the chapter "Security Considerations of the Fabasoft Folio Client Web Browser Integration".

This can now also be done directly during installation by providing the list of domains via the installer argument "VALIDDOMAINS", as an example for Microsoft Windows the authorization of "https://www.example.com/fsc" and "http://www.contoso.com/fsc" could be done via the following command:

msiexec /I FolioClient.msi VALIDDOMAINS=www.example.com:443;www.contoso.com:80