SR-C96362 · Issue 433331
cross-site scripting filter added to API form handling
Resolved in Pega Version 8.3
An cross-site scripting filter has been added for properties that can be changed via API.
SR-C96153 · Issue 433373
Repository Delete API updated for better use with cloud storage
Resolved in Pega Version 8.3
Previously, the Repository Delete API immediately checked if a file existed after attempting to delete it. When deleting files in S3, the file may not be immediately removed: due to S3's eventual consistency policy, the file could still exist at the time Pega was attempting to verify the deletion but be "deleted" according to Amazon. This caused a false alert that the file deletion was unsuccessful, leading to alert emails being sent and the Manifest file not being created, and in some cases generating an exception. To resolve this issue, the logic in Repository Delete that checked if file existed after attempting to delete it has been removed.
SR-C91264 · Issue 433438
Localization fixed for dropdown sourced with pystate
Resolved in Pega Version 8.3
When pystate was used to source a dropdown, the options were all uppercase but in the review harness used lower case for IN and OR. This difference caused a failure in localization. This was caused by the Field value instance being defined in lowercase in PyCaption while the UI was treating the active value as an instance of pyCaption, leading to instances of both "in" and "IN" being present. This has been resolved by consolidating the field value to use a single case in the pega-eventprocessing ruleset.
SR-C96743 · Issue 433616
cross-site scripting improvements for modal dialog
Resolved in Pega Version 8.3
cross-site scripting protections have been added to pzDisplayModalDialog.
SR-C93341 · Issue 433629
Hash handling security updates
Resolved in Pega Version 8.3
Several updates have been made to improve hash handling security.
SR-C91907 · Issue 433770
Thread context preserved when processing a case in interaction
Resolved in Pega Version 8.3
Thread context was not being preserved correctly when a case was opened from an interaction. This has been corrected.
SR-C96297 · Issue 433775
Enhancements added in support of AES/PDC integration
Resolved in Pega Version 8.3
The following enhancements have been added in support of AES/PDC integration: - QueueStatistics for Oracle and multi-tenant environments -Postgres statistics are reset after every push (this can be disabled by changing the DSS ResetTableStats) -Enabled Debug statements before all connect-rest/connect-soap calls -Handling for Listener Information issues -Elastic search updates -The connect timeout has been enhanced from 30 sec to 60 sec for all REST connectors. -Data pages can be used for picking the End point URL -Elastic Search Count details can be pushed to PDC
SR-C89463 · Issue 433820
Corrected tab name handling in Report Browser
Resolved in Pega Version 8.3
When using the report browser, refreshing the page after subscribing and unsubscribing to a report changed the tab name to the task id (eg. "PX-ST-123") and an extra tab appeared. This has been corrected.
SR-C95187 · Issue 433823
IO exception logging enhanced
Resolved in Pega Version 8.3
In order to improve diagnosing problems such as DDS nodes not joining a cluster despite Cassandra nodes being run successfully, logging enhancements have been added that include details about IO exceptions.
SR-C96406 · Issue 434635
Corrected default parameter passing to fetch childcases audit details
Resolved in Pega Version 8.3
After upgrade, Child case audit details in a Parent Case were not visible even after checking the Show Subcases option. This was traced to refactoring work done in an earlier version; in earlier releases, the parameter ShowSubCases defaulted to true if it was not already present. Later during refactoring, a call to pzFetchCaseStatusUpdate was added but did not include support for passing the parameter page if the parameter had been set by default instead of explicitly being included. Since the parameter was missed, the subcase audit details would not be fetched. This has been corrected so the parameter needed will be passed and fetch the subcases.