SR-C33297 · Issue 372517
Enhanced whitelist/blacklist use for Alert logging
Resolved in Pega Version 8.1
An enhancement has been added to allow Alert logging to all sources (remote and local) to utilize a whitelist instead of a blacklist for parameter page inserts by default. This ensures appropriate sensitive information security regardless of destination.Alert parameter page data is white listed with allowed keywords by default for local and remote alerts. Previously, it was possible to set remote alerts to use whitelist or blacklist obfuscation. The code checked the black list for the local alerts (file) and then decided if it needed to do the whitelist as well. The new method checks if it needs to do whitelist (default) or blacklist and then does the obfuscation only once.
SR-C33299 · Issue 372521
Enhanced whitelist/blacklist use for Alert logging
Resolved in Pega Version 8.1
An enhancement has been added to allow Alert logging to all sources (remote and local) to utilize a whitelist instead of a blacklist for parameter page inserts by default. This ensures appropriate sensitive information security regardless of destination.Alert parameter page data is white listed with allowed keywords by default for local and remote alerts. Previously, it was possible to set remote alerts to use whitelist or blacklist obfuscation. The code checked the black list for the local alerts (file) and then decided if it needed to do the whitelist as well. The new method checks if it needs to do whitelist (default) or blacklist and then does the obfuscation only once.
SR-C33302 · Issue 372520
Enhanced whitelist/blacklist use for Alert logging
Resolved in Pega Version 8.1
An enhancement has been added to allow Alert logging to all sources (remote and local) to utilize a whitelist instead of a blacklist for parameter page inserts by default. This ensures appropriate sensitive information security regardless of destination.Alert parameter page data is white listed with allowed keywords by default for local and remote alerts. Previously, it was possible to set remote alerts to use whitelist or blacklist obfuscation. The code checked the black list for the local alerts (file) and then decided if it needed to do the whitelist as well. The new method checks if it needs to do whitelist (default) or blacklist and then does the obfuscation only once.
SR-C33307 · Issue 372518
Enhanced whitelist/blacklist use for Alert logging
Resolved in Pega Version 8.1
An enhancement has been added to allow Alert logging to all sources (remote and local) to utilize a whitelist instead of a blacklist for parameter page inserts by default. This ensures appropriate sensitive information security regardless of destination.Alert parameter page data is white listed with allowed keywords by default for local and remote alerts. Previously, it was possible to set remote alerts to use whitelist or blacklist obfuscation. The code checked the black list for the local alerts (file) and then decided if it needed to do the whitelist as well. The new method checks if it needs to do whitelist (default) or blacklist and then does the obfuscation only once.
SR-C94042 · Issue 444586
Resolved JSON exception with refreshrow used for navigation
Resolved in Pega Version 8.3
After upgrade, a custom implementation of a grid that had a menu configured on right click of the row for the category/description in the uploaded case attachments was not working. This was traced to the RefreshRow(non-list) action generating quotes that made the JSON invalid for a navigation rule, and has been fixed by modifying pzProcessRefreshRowItem to remove quotes from navigation refreshrow action generation.
INC-177323 · Issue 672420
Search string wildcard use documentation updated
Resolved in Pega Version 8.7
The support article for the search API has been updated to clarify the ability to use the wildcard character "*" by manually adding it to the prefix of each term in the search string.
INC-173162 · Issue 650795
Certificate match will use Subject Distinguished Name
Resolved in Pega Version 8.7
Signature verification was failing due to the system not finding the matching root certificate for the chain. The root certificate was in the trust store, but the system found a different certificate first and that other certificate (an intermediate certificate) was not considered a valid certificate for validating the whole certificate chain. This was traced to filtering on the Issuer Distinguished Name (DN) instead of the Subject DN and was due to intermediate certificates potentially having the same Issuer as a root certificate (e.g. if that root certificate was used to create the intermediate certificate). To resolve this, an update has been made to check the Subject DN instead of Issuer DN.
INC-189047 · Issue 674759
Session timeout adjusted for use with Apple Safari
Resolved in Pega Version 8.7
A configured browser session logout timer was not working with the Apple Safari browser. This was traced to browser-specific handling for self.location.href and has been resolved by adjusting the logic and moving it inside a setTimeout to improve cross-browser compatibility.
SR-D17037 · Issue 487531
Check added for backwards compatibility with Case Type when rules
Resolved in Pega Version 8.3
After upgrade, the When rules present on case type rules (used for skipping stages or showing/hiding stage-wide or case-wide actions) were not executing at run time. This was traced to the introduction of the pySkipOrAllowType property in recent versions, and was only reproducible when the ApplicationRuleset was locked and after upgrade irrespective of whether the condition for when was true or false. To resolve this and enhance backwards capability, a check has been added for the SkipOrAllowType property being empty.
SR-C86770 · Issue 426050
Case urgency value will not be reset when processing wait shapes
Resolved in Pega Version 8.3
When a Wait shape was configured with the ‘Users can choose to continue process’ option unchecked, the overall work object SLA urgency was overwritten to 0 when the SLA processed the Wait shape. This was due to the Wait shape using pzWaitTImer, which has all urgency values as 0. The SLA being set to 0 did not occur if ‘Users can choose to continue process’ was checked on the Wait shape because pxSystemFlow was not set to true in that case. To prevent the SLA override, a check has been added that will skip setting the urgency setting if there is a wait shape.