SR-D21803 · Issue 502130
Cross-site scripting protection added for embedded portal URI
Resolved in Pega Version 8.2.4
The URI used in the top window of embedded portals has been encoded to prevent DOM based cross-site scripting.
SR-D38729 · Issue 507031
Included section with defer load loads in modal flow
Resolved in Pega Version 8.2.4
An included section in a dynamic layout with 'defer load content' enabled was not loading in a modal window when it included a table sourced from Data Page which in turn called a Connect Soap to load the data. When the modal window was launched, it indicated it was loading text but did not actually load any data. When 'defer load' was unchecked, the data loaded as expected. In addition, the tab groups in the modal screen flow were not displayed. The same tab group did show when opened through a separate flow. This was traced to the data-harness-id not getting added to the flow in the modal case, and has been resolved by adding data-harness-id to the preRenderer in modalOverlay to handle modal flows.
SR-D38053 · Issue 508225
Upcase case shape will fall back to pyWorkCover if multiple pages are present
Resolved in Pega Version 8.2.4
In the Update a Case shape, selecting "A Single Case" and providing .pxCoveredInsKeys(1) for the With ID field worked as expected, but using the same data transform and selecting either "All child cases and descendants" or a specific child case resulted in no update on the children. This was traced to the findPageByHandle API not returning the most appropriate page, which created an issue whenever multiple pages were present in the clipboard. To correct this, the system has been updated to use pyWorkCover if present.
SR-D36981 · Issue 505697
FusionCharts upgraded to resolve drill down issues
Resolved in Pega Version 8.2.4
Drill down reports were not working when the results were displayed with huge data that came up with a scroll bar or if the report was scrolled down and a drill down was attempted when the scroll bar was in the bottom or middle of the scroll line. The hover icon was different i.e., the hand icon was replaced with arrow icon, or sometimes the hand icon displayed without showing the data. It was possible to drill down when the scroll bar was in the top or the focus was moved outside the chart and brought back in again. This was traced to bugs in the FusionChart libraries, and has been resolved by upgrading to FusionCharts 3.14.0-sr.1.
SR-D26976 · Issue 507217
Filter added to ensure correct context for proposition strategy rules
Resolved in Pega Version 8.2.4
Given two applications (ex App1 and App2) hosted on the same domain where App2 was built on App1, trying to create a strategy rule in App1 and do a test run strategy using the propositional data component which internally uses App2 propositions generated the error: Failed to find a 'RULE-DECISION-DECISIONPARAMETERS' with the name 'GROUP_2'. There were 1 rules with this name in the rulebase, but none matched this request." Investigation showed the strategy was using the PropositionNoCacheUtils and PropositionTools java classes to load the propositions during run time. In these classes, the group classes were browsed from the db irrespective of the application context, causing the strategy run to fail as it was not able to access the decision data rules in other applications which shared the same SR class as the current application. To resolve this, a filter has been added to the PropositionNoCacheUtils and PropositionTools java classes to filter out the groups that are not in the current application context.
SR-D12733 · Issue 488666
Code fragment removed to eliminate Fortify false positive
Resolved in Pega Version 8.2.4
A code remnant related to Boolean.getBoolean(..) in Rule-Declare testConsistency was causing a false positive in a Fortify scan. This piece of code is obselete and is not used anywhere, and has been removed.
SR-D40833 · Issue 506792
Response Strategy works for predictive models
Resolved in Pega Version 8.2.4
After implementing the response strategy for the predictive model and capturing the response, "Refresh Data" in the monitor tab of the predictive model still showed no response captured. As a result, it was not possible to analyze the performance of the model or use it for reporting. This was traced to recent work done so that Response processing now references the factory against a new table. However, the entries in this table were not created for predictive models, causing responses to not be processed. This has been resolved by adding predictive models to the event processor and ensure the functions are using the new factory initializer.
SR-D36970 · Issue 504985
Calendar icon updated to properly display the set number of years
Resolved in Pega Version 8.2.4
By default, the Calendar icon showed a date range of 10 years when -/+100 was expected. This issue was traced to the existing DSS setting (pyNumberofYears under Pega-UIEngine), which enables overriding the date year range, not being honored when the pyNoOfYears property was set to -1. To honor the pyNumberofYears setting, pyNoOfYears should be 21. This has been corrected so the value will be set properly.
SR-D36704 · Issue 504808
Repaired Pega validation report
Resolved in Pega Version 8.2.4
The Pega Usage validation report was not working. This was traced to the UVO O/P file having a null value and not containing any data regarding the environment daily usage. This has been corrected by updating the java used in getElementsByTagName.
SR-D38581 · Issue 504775
Removed unnecessary cross-site scripting filtering on paragraph rule
Resolved in Pega Version 8.2.4
When a link was set in a paragraph rule, the target option was removed in the returned layout structure. This was traced to unnecessary XSS filtering which has now been removed.